Categories: Articles

What Should Be Secured?

Recently at an IT security conference in Chicago and the keynote speaker”s address reminded me that IT people and business owners often have different views on what are your company”s assets and what constitutes adequate security. Dave Stelzl, author of The House & the Cloud, simplified the security model for business by comparing a business”s security to a home. We “Protect” our home with doors, windows, locks, and fences. However, we all know that these security measures do little to stop a determined or skilled burglar. The next ingredient is the ability to “Detect” a security breach. In a home we put in alarm systems, motion detectors, subscribe to monitoring services and support neighborhood crime watch groups. Finally, the most important provision of the security model is the “Response.” We have a dog that will bite the thief, some people will have a gun ready for intruders, others rely on the police to respond and others purchase insurance to replace lost items and repair any damage.

Using the house as your business scenario you must ask three questions.

1. What are you trying to protect?
2. What nbso are the relevant threats you face?
3. How comfortable are you with your organizations ability to detect and to respond to a security situation?

Your IT Department may do a great job of “Protecting” the physical assets of your company and your network. However, threats today are more likely to target the real assets of your business, the identity information you have collected on your employees, customers, and clients, intellectual assets you may possess, or links to outside assets – bank accounts or credit card information. NBC recently ran a news series and showed that a single online casino personal identity with credit card information could be sold via the internet for $5. TJ Maxx, the retailer, reported a breach of over 40 million credit card accounts. Multiply that number by $5 and do the math. Identity theft is big business.
Who or what is at risk when your company is exposed to an identity theft? The business itself, its owners, and principals are all at risk. Even if the depth of the TJ Maxx exposure is not as great as reported, can your company survive the bad press generated, even if a retraction follows?

No one can guarantee 100% security. A firewall alone is no longer adequate protection. Unified Threat Management Devices (UTM) are now common and should be the basis for security protection. Written company policies regarding the internet, email, and the use of company information should be implemented and reinforced to every employee. Threats are not just external. Disgruntled employees and other internal attacks still account for a majority of the IT security incidents.

So when you take a close look at your company and its valuable assets ask the three questions above and see if you can live with your answers

EMT

Recent Posts

Project Management: Why is it important?

Making things happen is the art and science of project management. The process involves managing…

4 hours ago

Enhancing Website Performance and User Experience Through Caching Strategies

In today's fast digital life, website performance is important, as it holds visitors and ensures…

5 hours ago

Protecting Municipal Data: Security Tips for City Officials

The FBI reported that cyber attacks against government facilities saw an increase of almost 36…

1 day ago

The Advantages of Collaborating with a Managed Services Provider

In today’s fast-paced, technologically advanced world, businesses of all sizes increasingly rely on digital systems…

1 day ago

Technology Buzzwords: Demystifying the Jargon of the Digital Age

You likely hear terms like "blockchain," "machine learning," and "cloud computing" without considering their real…

1 day ago

Top 5 Collaborative Tools in Microsoft 365 Drive Productivity and Innovation

In today’s fast-paced digital landscape, businesses cannot thrive without effective collaboration. Microsoft continues its unwavering…

1 week ago