How Secure Is your Data?

Posted on Posted in Uncategorised

I’ve written a paper about Information Security.  Here’s the introduction…

And here’s a download Link

Introduction

Information is the life blood of your organisation, from product designs and business plans to client lists and sales data. It is common to carry insurance to protect the “business” itself but how much thought have you given to the actual protection of the information that underlies that business?

Today, threats to your information are increasing. Be it from a teenage hacker in his bedroom doing it “just because he can”, from a more organised Business Intelligence firm seeking a marketing edge, or from one of your competitors trying to gain an advantage over you.

The threats are becoming more sophisticated and Intellectual Property (‘IP’) security is often way down the agenda of a company right up until a competitor has somehow got a copy of the “secret sauce”!

This whitepaper sets out some of the important components for you to consider in each stage of the process.

I’m safe aren’t I?

You may not know it but your threat ‘surface’ is changing all the time.  Have you thought about the new cleaning company, property maintenance company or photocopier providers?  The new bit of software downloaded by a sales person or Financial Controller to help with a difficult business process?  The cool new website or viral email doing the rounds of the office?  The USB/CD stuffed full of presentations you got at the trade show? Even the kids’ favourite apps on a tablet you hook up to the office Wi-Fi?  All of these methods have been used to steal information from companies so that competitors can gain that vital edge.

Sometimes it is not about theft

It’s not all about stealing your information, sometimes it is about stealing your resources and hiding in your environment. 

The rise of ‘Denial of Service’ attacks have become prevalent during the ‘Arab Spring’.  Taking a high profile website offline has become a common method of making a political statement.  This is done by hackers taking control of a wide range of workstations and servers in businesses just like yours, often without you even noticing.  When the attack is on, your PCs are subverted to their will.  You notice your internet slowing down, your file servers filling up and then a crash. No longer able to operate as a business or put in that crucial trade – you are collateral damage to their cause.

A city institution experienced the embarrassment of hosting a large Adult website on its servers without being aware of the fact until their trading systems could not achieve a connection to the various stock exchanges.  It turned out that the site had become so popular that all the bandwidth was taken up by the website.

But I’m Secure!

Most companies rely on a citadel solution to information protection and security with most of the control and monitoring at the perimeter of the organisation. Think of a front desk security person or a network firewall; once breached, the perimeter defences are of little use. Of course there are antivirus tools but to a dedicated hacker there are several ways to mitigate their effects.

A given incident could be external (bad guys trying to get in) or internal (bad apple employees trying to get information out).  The key question to ask yourself is where are my weakest links?  The real answer may be much more unexpected than you assume.

What’s the solution then?

You understand the value of your data and systems.  The worst part of investing in any security system from employee vetting, premises security or data security is that you don’t know if your investment is worth anything until it’s too late.  IP Sentinel have developed a 4 stage process against which you can judge your capabilities in terms of Information Protection.

Stage 1: Recognition
Stage 2: Prevention
Stage 3: Monitoring and Mitigation
Stage 4: Response and Recovery