Higher risk means better strategies needed
SECURITY| June 25, 2012, 11:28 a.m.
Information is the lifeblood of business. Valuable corporate data is available to employees, business partners and contractors. It is accessed locally, in the cloud and virtual environments, providing instant access to non-public sensitive information. Making matters worse, employees typically do not ask permission to load third-party software or applications on their laptops and mobile phones, devices that are connected to their companies' networks and data stores.
The convenience and business value of "information anywhere" comes with risk. While companies want to support devices, software and applications that enable employees to get the job done, they must do so while carefully monitoring and managing business risks related to the use of information and IT.
“One solution is information security everywhere, but this is impractical and unachievable. Organisations need to determine when convenience results in too much risk and what should be done to limit risks. This is a major challenge, especially when you consider that most organisations cannot answer the simple question, ‘What is our information risk today?’” says Bruce Goodwill, Sales Director – EMEA, LATAM and Australia at AVG.
A good place to start, he says, is to treat online security the same way that businesses treat corporate governance and brand protection, and make it a boardroom issue. “This is not just a technology debate,” he points out. In addition, companies should protect, and keep protection updated for all computers and mobile computing devices that are brought in or taken home by staff, contractors, clients and visitors. Another measure is to promote strong password management, with password and username combinations that are not easy to guess and which include a combination of letters and numbers.
“Many businesses assume that because they have security software installed on their PCs, they are protected. However, the threat landscape is growing exponentially. In addition to increasing malware attacks via the Web, companies need to be wary of mobile devices that connect to their networks, and the risks posed by social networks and disgruntled employees. In order to manage this, organisations should begin by defining the business risk from the top down and then prioritising them,” Goodwill says.
As a basis, an effective security software suite will keep the bulk of threats at bay on a company’s PCs and laptops. Some, like AVG Internet Security, provide additional defences against attacks via social networks through products like Linkscanner and Online Shield. This also applies to security software for mobile devices. Goodwill points out that with the number of mobile devices entering company networks today, mobile security software has become as essential as PC and server protection.
MORE SECURITY NEWS
Safe Deposit: Defeating cyber-attacks against banksWith online heists once again hitting the headlines, how should banks and their customers protect themselves against similar attacks? Read More
Large organisations gear up to address aggressive cyber-security business disruption attacksAlthough the frequency of a cyber-security attack on a large scale is low, by 2018, 40 per cent of large organisations will have formal plans to address aggressive cyber-security business disruption attacks, up from none this year, says Gartner. Read More
Identity and access management trends for 2015CA Technologies has identified five key trends for security and identity and access management (IAM) that will impact organisations and security professionals in 2015 as they compete in the application economy. Read More
Leading newspaper site hackedBotswana is seeing unprecedented cases of internet hacking with one of the latest attacks targeting one of the country’s leading private newspapers, Mmegi. Read More
Senegal hit by wave of cyber attacksSenegal has been hit by a wave of hackings in the past two weeks, two of which hit the popular news website Seneweb.com and ADIE. Read More
Cyber attacks may get more virulent, Cisco, Kaspersky warnCyber attackers are using more subtle methods to infiltrate corporate networks with the aim of stealing vital information or simply causing mayhem. This is according Kaspersky Lab and Cisco, who say IT security experts should up their game in educating users how to ward off potential attackers. Read More
SIM box task team steps up successes with help from ICT firmGhana’s efforts to crack down on SIM boxing fraud have been given a boost by the efforts of Subah Infosolutions Ghana Limited, which now partners with the authorities in the fight against this crime. Read More
Software vulnerability led to Ghana govt site hackA software vulnerability and failure to update software led to the hacking of some websites on the government of Ghana’s official portal. Read More
CBN issues directive on two factor authentication for internal banking processesThe Central Bank of Nigeria has issued a directive requiring all deposit money banks (DMBs) to implement two factor authentication for internal processes this year. Read More
SA: 57% could not recover money stolen in online fraudA recent survey conducted by Kaspersky Lab and B2B International found that more than half of those respondents in South Africa who lost money in fraudulent online transactions did not get all – or sometimes any – of their funds back. Read More
FEATURED STORY2bn priced out of internet access
A new report from the Alliance for Affordable Internet shows that the price of broadband remains prohibitive for billions in developing and emerging countries, with women and rural dwellers hardest hit.
BEST READ NEWS
IN DEPTHKenya’s digital TV battle hots up
Kenya’s journey to Digital TV broadcasting took a new turn this week, when the Communication Authority of Kenya (CAK) accused three local media firms of intent to disrupt the process.
COMPANY NEWSVMware unveils vCloud for NFV with Integrated OpenStack to accelerate service innovation
VMware, the global leader in virtualisation and cloud infrastructure, today debuted VMware vCloud for NFV, an integrated Network Functions Virtualization (NFV) platform that will combine VMware’s production-proven ...