Higher risk means better strategies needed

SECURITY

Information is the lifeblood of business. Valuable corporate data is available to employees, business partners and contractors. It is accessed locally, in the cloud and virtual environments, providing instant access to non-public sensitive information. Making matters worse, employees typically do not ask permission to load third-party software or applications on their laptops and mobile phones, devices that are connected to their companies' networks and data stores.

The convenience and business value of "information anywhere" comes with risk. While companies want to support devices, software and applications that enable employees to get the job done, they must do so while carefully monitoring and managing business risks related to the use of information and IT.

“One solution is information security everywhere, but this is impractical and unachievable. Organisations need to determine when convenience results in too much risk and what should be done to limit risks. This is a major challenge, especially when you consider that most organisations cannot answer the simple question, ‘What is our information risk today?’” says Bruce Goodwill, Sales Director – EMEA, LATAM and Australia at AVG.

A good place to start, he says, is to treat online security the same way that businesses treat corporate governance and brand protection, and make it a boardroom issue. “This is not just a technology debate,” he points out. In addition, companies should protect, and keep protection updated for all computers and mobile computing devices that are brought in or taken home by staff, contractors, clients and visitors. Another measure is to promote strong password management, with password and username combinations that are not easy to guess and which include a combination of letters and numbers.

“Many businesses assume that because they have security software installed on their PCs, they are protected. However, the threat landscape is growing exponentially. In addition to increasing malware attacks via the Web, companies need to be wary of mobile devices that connect to their networks, and the risks posed by social networks and disgruntled employees. In order to manage this, organisations should begin by defining the business risk from the top down and then prioritising them,” Goodwill says.

As a basis, an effective security software suite will keep the bulk of threats at bay on a company’s PCs and laptops. Some, like AVG Internet Security, provide additional defences against attacks via social networks through products like Linkscanner and Online Shield. This also applies to security software for mobile devices. Goodwill points out that with the number of mobile devices entering company networks today, mobile security software has become as essential as PC and server protection.