Categories: Articles

What Should Be Secured?

What Should Be Secured?

I recently attended an IT security conference in Chicago and the keynote speaker’s address reminded me that IT people and business owners often have different views on what are your company’s assets and what constitutes adequate security. Dave Stelzl, author of The House & the Cloud, simplified the security model for business by comparing a business’s security to a home. We “Protect” our home with doors, windows, locks, and fences. However, we all know that these security measures do little to stop a determined or skilled burglar. The next ingredient is the ability to “Detect” a security breach. In a home we put in alarm systems, motion detectors, subscribe to monitoring services and support neighborhood crime watch groups. Finally, the most important provision of the security model is the “Response.” We have a dog that will bite the thief, some people will have a gun ready for intruders, others rely on the police to respond and others purchase insurance to replace lost items and repair any damage.

Using the house as your business scenario you must ask three questions.

1. What are you trying to protect?
2. What are the relevant threats you face?
3. How comfortable are you with your organizations ability to detect and to respond to a security situation?

Your IT Department may do a great job of “Protecting” the physical assets of your company and your network. However, threats today are more likely to target the real assets of your business, the identity information you have collected on your employees, customers, and clients, intellectual assets you may possess, or links to outside assets – bank accounts or credit card information. NBC recently ran a news series and showed that a single personal identity with credit card information could be sold via the internet for $5. TJ Maxx, the retailer, reported a breach of over 40 million credit card accounts. Multiply that number by $5 and do the math. Identity theft is big business.

Who or what is at risk when your company is exposed to an identity theft? The business itself, its owners, and principals are all at risk. Even if the depth of the TJ Maxx exposure is not as great as reported, can your company survive the bad press generated, even if a retraction follows?

No one can guarantee 100% security. A firewall alone is no longer adequate protection. Unified Threat Management Devices (UTM) are now common and should be the basis for security protection. Written company policies regarding the internet, email, and the use of company information should be implemented and reinforced to every employee. Threats are not just external. Disgruntled employees and other internal attacks still account for a majority of the IT security incidents.

So when you take a close look at your company and its valuable assets ask the three questions above and see if you can live with your answers

EMT

Recent Posts

Shared Mailbox vs. Regular Mailbox in Microsoft Exchange

Microsoft Exchange provides multiple ways to control email communication in a business. Shared Mailboxes and…

24 hours ago

Remote Work Rising: The New<br>Way We’ll Work

Remote working was once a niche specialty, only used by tech-savvy and freelancers. But in…

24 hours ago

The Role of Print Servers In<br>An Organization

While we live in a digital age, print is still a staple for many businesses.…

1 day ago

Implementing Anti-Spoofing Rules for Email Protection

Increasingly, email communication is playing a pivotal role in business operations, facilitating collaboration, customer engagement,…

2 days ago

The Comprehensive Benefits of MSP Management for Servers, Exchange, O365, VPN, and Networks

As the digital landscape evolves, businesses of all sizes face the challenge of managing complex…

2 days ago

Cost-Benefit Analysis of On-Premises Network/Server Infrastructure vs. Azure-Based Cloud Infrastructure

In the evolving landscape of information technology, businesses constantly seek the most efficient and cost-effective…

2 days ago