BreachExchange mailing list archives
Know thy enemy: How IT protects your business from undesirables
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 13 May 2015 19:33:54 -0600
http://mediaroom.marlinfinance.com/information-technology-equipment/know-thy-enemy-how-it-protects-your-business-from-undesirables/ When done right, any information technology job is a relentless one, especially in this day and age. With more companies than ever integrating extensive tech-driven initiatives into their business models, there is much for the IT professional to do. And as more business is conducted through these channels, the greater the reliance an organization has on the knowledge of its IT. Greater still are the demands. Executives with little to no IT experience might not know what their companies are up against when it comes to managing various networks within an office setting or troubleshooting issues as they arise. Think of robust investment in IT as fortifying a castle. Proper maintenance and threat assessment can keep your kingdom not just standing, but thriving. But in order to keep your Camelot from crumbling down to the ground, your IT department needs to remain vigilant. Every executive should know what's on IT's most wanted list. Mismanagement Depending on the business model, an IT department might get its marching orders passed down from on high. Most likely these tech-savvy employees will have advice as to how your company should organize its networks and store its data. Listen to them. As Inside Counsel warns, failure to adhere to certain regulations can put your organization at risk of data breach, fines or loss of pertinent information necessary to its daily function. A writer writes and a builder builds. Inherent in both of those positions, as with IT, is the need to scrutinize the work output. If a writer sent her editor an article riddled with spelling errors and misplaced commas, she might lose her job. If a construction worker doesn't align his blueprints with local ordinances, the buildings he makes will be deemed unsafe. IT professionals know how to hunt down the little inconsistencies that keep a modern business moving, but they also understand the varying levels of security architecture and upkeep required to maintain continuity. Trust them. Technology trends The Internet of Things and Bring-Your-Own-Device programs spice up the office while encouraging productivity and innovation. They both also create a heavier workload for your IT department upon integration. To help ease the transition, Forbes contributor Joseph Steinberg suggests treating all these new devices as serious computers and as such, serious portals through which cyberattacks can occur. According to Steinberg, any device connecting to your company's network not only needs protection against threats from the Internet and encryption support, but also remote-operated data wipe capabilities. After all, merging a personal smartphone with a work phone means splitting responsibilities with your employer. In exchange for the freedom to allow employees access to important data caches from the palm of their hand, IT departments need the ability to protect that device as it would any other tech under its purview. Human error IBM's 2014 Cyber Security Intelligence Index found that 95 percent of all workplace security issues involve a human touch. Though the report included things like clicking on malicious email attachments and ridiculously easy passwords (come on, folks), problems also included configuration problems only the IT department would have access to. So, how can you trust IT when they could be their own worst enemies? By working alongside the team to develop a system of checks and balances outlining every possible incident and a list of solutions for each one.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Know thy enemy: How IT protects your business from undesirables Audrey McNeil (May 20)