11 May 2012

What should your business be doing about security threats?

As IT systems become more integral to businesses, so does their security. If your business falls prey to an attack, the risks are two-fold:
  • Operational. If an attacker manages to compromise one or more of your systems, they’re usually in a position to disrupt your operations, should they choose to do so.
  • Reputational. Informing your customers or business partners that their information has been stolen from your systems is not something that helps to engender trust, and will damage your reputation.

The nature of the threat

The threat faced by businesses is constantly evolving. In particular, the last 12 months have seen a rise in ‘hacktivism’, or hacking for political ends. Verizon’s 2012 Data Breach Investigations Report – which collates statistics from international cyber-crime fighting bodies, including the Australian Federal Police – points out that hackivists steal more data than any other group. Organised criminals are also active, mostly using high-volume, low-risk attacks to find weaker targets. The Verizon report also revealed that:
  • 98% of attacks are from external parties.
  • 79% of victims are opportunistically targeted.
  • 96% of attacks are not highly difficult.
  • 95% of data leaks involve servers.
This means that you can go a long way to protecting your business through simple security measures that foreclose easy hacking opportunities.

Preventative measures

To ensure that you’re adequately protected, make proper use of firewalls, access-control and intrusion detection systems. Network configuration is increasingly specialised, so if your IT team doesn’t have the right skills, seek help from your IT provider. Some sort of malware is used in 69% of breaches, so make sure that your anti-virus protections are working and properly updated. Lost laptops and devices are a growing opportunity that’s quickly stopped by encryption and remote wipe capabilities. For mid-sized businesses, a network monitoring system can also be worthwhile. Over time, these learn the typical patterns of traffic on your network, and they can raise the alarm when data breaches occur. They’ll also help to control virus outbreaks and can detect computers using unwanted services that can bring dangerous content into the network environment, such as peer-to-peer sharing software.

Consider the cloud

One of the benefits of cloud services is that your cloud provider becomes responsible for security. While this will give you less control over security measures, in most cases the security your information will have in the cloud will be more stringent than what you can deliver in-house. (Can you employ a full-time security chief, for example? Your cloud provider probably does). There are, however, some questions worth asking your provider:
  • Where will my data reside? It may be important to you that your information remains in Australia, for example, or that you be the only customer in a particular environment.
  • What security protections are in place? Your provider should be able to detail how your data will be protected not only in the cloud, but also when it’s in transit. Ask about security audits and reviews. There should also be physical, data centre protection measures.

Summing up

Hackers and cyber-criminals are constantly changing their methods, looking for new gaps to exploit. Make sure that you’re well served by network systems, firewalls and anti-virus protections. And if you haven’t examined your defences for a while, take the time to ensure that they haven’t gone rusty. Dave Stevens is MD, Brennan IT. (This blog post was first published on the SmartCompany website on May 10 2012)
Top