Is IT Safe?
5 common security pitfalls and what your firm can do to protect itself.
While there are ever-increasing threats to a firm's IT security, technology consultant Dave Cieslak, principal and co-founder of Simi Valley, Calif.-based Arxis Technology, advises that firms pay attention to these five common pitfalls, and offers tips to abate the risks.
Threat: With the explosive proliferation of small devices (such as tablets, cell phones, ultrabooks, etc.) as well as laptops, loss, theft and improper disposal are quickly becoming some of the most significant threats to overall IT security and data leakage/loss.
Response: Reasonable steps to reduce this increasing risk include setting up passwords for all devices, encrypting data on the devices themselves, installing tracking and/or remote-wipe software in the event devices are misplaced, and end-user training.
Threat: Since data and applications will now be residing somewhere other than the "safe and secure" corporate computer room, security concerns are increasingly taking center stage.
Response: Organizations need to consider both internal factors (any requirements or laws preventing certain data from being migrated to the cloud), as well as external factors, such as where the data will be stored, who will have access, what controls the vendor has in place, will the data be replicated, can an organization make their own off-line backups, are intrusion detection mechanisms in place, and is the vendor SAS 70-certified -- to name just a few.
Threat: Users, it seems, are comfortable sharing virtually everything these days via online social media Web sites. But this "personal" information can, and will, be used against them. Cybercriminals are incorporating unique user information into targeted phishing scams.
Response: Users need to be on a keen lookout for these targeted attacks and be more wary than ever regarding what they click on.
Threat: More and more cybercriminals are using infected links as a means of inducing users to install malware on their machines.
Response: End users need to be vigilant about what they click on and make sure they have an up-to-date antivirus solution in place.
Threat: The loss of data -- through natural disasters, fires, equipment failures, and even theft -- can mean the collapse of a firm or its clients.
Response: Critical data, applications and services need to be identified and a backup solution implemented to ensure that the e-lifeblood of an organization is not placed in significant peril. Organizations should definitely consider using one of the many cloud-based backup services to complement, or even as the foundation of, their backup strategy.