Higher risk means better strategies needed
SECURITY| June 25, 2012, 11:28 a.m.
Information is the lifeblood of business. Valuable corporate data is available to employees, business partners and contractors. It is accessed locally, in the cloud and virtual environments, providing instant access to non-public sensitive information. Making matters worse, employees typically do not ask permission to load third-party software or applications on their laptops and mobile phones, devices that are connected to their companies' networks and data stores.
The convenience and business value of "information anywhere" comes with risk. While companies want to support devices, software and applications that enable employees to get the job done, they must do so while carefully monitoring and managing business risks related to the use of information and IT.
“One solution is information security everywhere, but this is impractical and unachievable. Organisations need to determine when convenience results in too much risk and what should be done to limit risks. This is a major challenge, especially when you consider that most organisations cannot answer the simple question, ‘What is our information risk today?’” says Bruce Goodwill, Sales Director – EMEA, LATAM and Australia at AVG.
A good place to start, he says, is to treat online security the same way that businesses treat corporate governance and brand protection, and make it a boardroom issue. “This is not just a technology debate,” he points out. In addition, companies should protect, and keep protection updated for all computers and mobile computing devices that are brought in or taken home by staff, contractors, clients and visitors. Another measure is to promote strong password management, with password and username combinations that are not easy to guess and which include a combination of letters and numbers.
“Many businesses assume that because they have security software installed on their PCs, they are protected. However, the threat landscape is growing exponentially. In addition to increasing malware attacks via the Web, companies need to be wary of mobile devices that connect to their networks, and the risks posed by social networks and disgruntled employees. In order to manage this, organisations should begin by defining the business risk from the top down and then prioritising them,” Goodwill says.
As a basis, an effective security software suite will keep the bulk of threats at bay on a company’s PCs and laptops. Some, like AVG Internet Security, provide additional defences against attacks via social networks through products like Linkscanner and Online Shield. This also applies to security software for mobile devices. Goodwill points out that with the number of mobile devices entering company networks today, mobile security software has become as essential as PC and server protection.
MORE SECURITY NEWS
The sum of details at hand equals the quality of a cyber threat investigationJust like any detective investigating a crime scene, security analysts need to be able to access all the information pertaining to any threat incident they are investigating. Read More
ATM/card-related frauds rise 11.95%Fraud cases perpetrated through the use of automated teller machine (ATM) and other card payment system has risen 11.95% over last year’s cases, according to the Nigeria Deposit Insurance Corporation (NDIC) annual report. Read More
Identity thieves target used hard drivesCompanies need to take measures to wipe the hard drives of obsolete technology before selling or donating it, warns Xperien. Read More
Cybercrime in South Africa: The battlefield has shiftedAlthough the majority of South African businesses are investing in their security infrastructure, many are doing so in the wrong places. Read More
RSA acknowledged by Frost & Sullivan for excellence and innovation in its network security forensicsRSA, The Security Division of EMC, has been determined by Frost & Sullivan as winner of the 2016 Global Frost & Sullivan Enabling Technology Leadership Award in Network Forensics for RSA Security Analytics. Read More
Top targets for cyber attacks in East AfricaGovernments are East Africa’s top target sector for cyber attacks, followed by telecoms and financial services, says a report by Control Risks. Read More
Connecting the dots: respond-to-alerts based security posture will not protectAccording to an Arbor paper, “Connecting the Dots in Enterprise Security”, advanced threats target a specific company, are designed to bypass traditional controls, and comprise a planned and orchestrated set of attack activities. Read More
DNS attacks on the increase, concern for SA firmsSouth African organisations will likely see an increase in the volume and severity of network attacks over the coming years, says Arbor Networks. Read More
RSA: 75 percent of organisations at significant risk of cyber incidentsRSA, The Security Division of EMC, has released data demonstrating that organisations that invest in detection and response technologies, rather than perimeter-based solutions, are better poised to defend against cyber incidents. Read More
FEATURED STORYGovernment should encourage youths in ICT early
Youths should be given more encouragement to develop their ICT skills, an 11-year-old app developer told Kokumo Goodie.
BEST READ NEWS
IN DEPTHIBM Opens First Cloud Data Centre in South Africa
IBM is opening a new IBM Cloud Data Centre in Johannesburg, South Africa. The new cloud center is the result of a close collaboration with Gijima and Vodacom and is designed to support cloud adoption and customer demand across the continent.
COMPANY NEWSTigo, JI and GES equip teachers on child online protection initiative
Tigo, in partnership with J Initiative (JI), a youth focused non-governmental organisation in Ghana, have committed to protecting children online through policy advocacy, awareness creation, public education ...