Street Talk: Reader Views

Print
Email
Reprints

What is the most effective technology security measure-whether software, hardware, or policy-that your organization has implemented in the last year? We recently established a policy to have all laptops and workstations audited monthly to make sure anti-virus, spyware, backup, and firewall applications are turned on and working properly.

Tad W. Remington, CMA

InterDyn Remington Consulting

Partner Insights

Portland, Ore.

Implementing hard drive passwords on all our Dell laptops. At first the staff grumbled a bit, but overall it has been a success and the additional security it provides outweighs the inconvenience of yet another password.

Lisa Dunnigan

Olsen Thielen & Co.

St. Paul, Minn.

The most useful security device we've implemented recently is called G/on. It's made by a company called Giritech and lets us give people access to just a single application or the entire network from anywhere whether they work for our company or not. The product is menu-driven and incredibly simple for the enduser. Modifications to who can access what and the addition of new applications or connections can be configured and updated within seconds. The changes are sent seamlessly to the user, not even requiring them to login to a new session. It's purely a security device that uses either Windows Terminal Services or Citrix to run non-Web-based applications remotely. If both ends of the connection have a very high bandwidth, then the applications can be run using the G/on USB key.

Michael Schwartz

Business Management International

New York, N.Y.

Single Sign-on. It allows companies to streamline adding and removing users and ensures that individuals only have access to those systems they should have access to. When the user's role changes, the appropriate permissions are added or removed based on corporate policies. All enforcement occurs in a single location rather than in a number of separate systems that are rarely properly maintained.

Chris Milan

Tribridge

Tampa, Fla.

We installed a Symantec Gateway Security device, a firewall that allows us to ensure that our endusers are not circumventing their anti-virus updates or turning it off, and then accessing the Internet. Technology has gotten pretty good-endusers have gotten better at making it useless over the years.

Yvonne Mangum

Y's Solutions

Bird Island, Minn.

Ultra-sensitive files and forensic evidence are kept in a locked steel cabinet to which I have the only key. My office, where all forensic/BV files are kept, is locked whenever we have people in the house who might wander in to look around. Old file storage is in our attic over the garage, which is always locked. Additionally, we have a very effective guard dog.

Dave Mensel

David E. Mensel, PC, CPA

Nashville, Tenn.

We have a combination of policy reinforced with technology. This includes ASi Smart Solutions Conditional Field Level Security extension for Microsoft Dynamics AX, which allows companies operating in SOX (404/302) environments the ability to keep sensitive corporate information from information workers while allowing them to perform their job. It was previously thought that sensitive information couldn't reside in enterprise-wide resource planning databases as it is typically accessed by many people and the risk of having this data viewed and exported was too great.

Jeff Onesto

Advanced Systems Integration

Orange County, Calif.

Tampa, Fla.

Within the last year, we implemented the use of Secure Portals. This provides our firm with a method to deliver/exchange sensitive documents with our clients without using unsecure email and attachments. This has proven to be very effective, convenient, and clients like it.

John G. Seale, CPA, CITP

RBSK Partners

Greensburg, Ind.

The most effective thing was hiring a director of information security. Without a position that has the authority to create and set policy and procedure-as well as implement a continuous awareness program-no technology would be useful.

Jeff Hapeman

Clifton Gunderson

Peoria, Ill.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.

Register now for FREE site access and more