How secure is your security? You have firewalls and you have antivirus software, so why is your computer back with IT, having its hard drive wiped and everything reinstalled? The simple answer is that the risk to security is not being taken seriously enough!
This time you were lucky: a simple virus or trojan can be sorted out. Next time it could be a hacker. Before you have time to say 'annual bonus', your entire database is floating around in cyberspace and you have some serious explaining to do to your customers. Not the ideal way to start your Monday morning. However, armed with a little research and common sense, you can ensure your database is not quite as vulnerable.
In a nutshell, security is about risk management. Whether the risk is to your current profitability or to your organisational climate, if it could happen, what can you do to reduce the likelihood of it happening? Your database may never be hacked, or pick up any deadly virus, but if it does, do you really want to explain to your customers why you have lost all their confidential information?
With every Tom, Dick and Harry out there offering so many different security products, how do you know what is best for your business? Vendor A seems to be selling the same product as Vendor B: the packaging is similar, they both seem to be offering the same things, and the only obvious difference is that Vendor A is charging a lot more money. The most common explanation for this is that Vendor A has invested a lot of money in research into its security. Vendor B can promise to protect you from any potential danger out there today, but Vendor A makes sure it is anticipating what will be coming at you tomorrow.
It is not only attacks from "out there" that you need to be vigilant about. In fact, your security is more likely to be compromised by one of your own employees. Simple steps can make sure your company does not scream 'easy mark' to every hacker or disgruntled employee. Obvious passwords must be banned: it is much too easy to find out what the cat belonging to Sarah in accounts is called, or something similar about Luke in sales, especially in this age of social networking. You should also ensure that old accounts are removed, particularly if a former employee did not leave on the best of terms; leaving their accounts open is only asking them to extract a little revenge. It is also important to ensure that access is granted wisely. Does your intern really need the same level of access to your accounts as your directors? It may be easier to give everyone administrative clearance, but is it an acceptable risk? One last really simple thing you can do for your security is "patching": when a manufacturer discovers a potential weakness in its security package, it issues a patch that fixes that potential flaw. Ignoring these patches means ignoring a recognised hazard.
So you have taken a good, objective look at your business from the perspective of a hacker and decided that losing your computer to IT for the day (and that is at the very least) is not a viable option. You also know that the cheapest option out there is not necessarily going to cost you less in the long term. Now you need to find out how much it is acceptable to spend on potential risks. The easiest way to do this is to put a value on what it would cost if something happened, then multiply it by how often this risk could occur. From this you should be able to work out what it is acceptable to spend on your security.