There is much in the news about data breaches, information hacks, and data loss. Such events when publicized can lead to a loss of reputation, brand damage, legal actions, and other undesirable outcomes. Loss of data can also mean a loss of competitive advantage, damaged infrastructure, and monetary losses, regardless of the size and scope of the business. If your intellectual property is important to your business it is important to others also. This can include insiders who may profit from your vulnerabilities while under your employ or become your competitors down the road.
Thefts and losses occur from a variety of sources including both intentional and non-intentional acts. The threat landscape is complex, pervasive, and difficult to manage and mitigate. Even the largest of corporations face great challenges in keeping pace with the onslaught of new technology, growing threats, and ongoing criminal activity. Most small to mid-sized businesses do little to address the issues believing they are under the radar and safe from harm. Unfortunately this is not the case. So what are the answers?
As with any event that is difficult to control or predict, it is best to be prepared. Preparations start with being well organized in all facets of the business operation, technology management, ongoing oversight, and the ability to respond precisely to a threat or compromise. Ad hoc planning and response will not cut it as you are most likely to miss the early warning signs and destroy key information in your response.
Books have been written, courses taught, standards developed, degrees obtained, with professions and lives dedicated to being prepared. This is a complex mission and far beyond the scope of this article, however some food for thought follows.
What do the technology platforms look like in your business? How are devices deployed? Are there approved apps, devices,networks, deployment standards, acceptable use policies, ongoing training? If BYOD is part of your business platform, do you allow devices that are jailbroken, run unapproved apps, and how do you monitor for data leakage?
What does normal traffic look like on your network? Where does legitimate remote traffic originate from? What times are remote users accessing your networks and computing systems? How do you detect anomalous behavior?
Building secure, standardized, stable infrastructure and understanding what normal activity looks like is critical in benchmarking security. Additionally the ongoing monitoring and management of network access, traffic and transactional flows, and the monitoring of key applications are critical in the ongoing day-to-day management of the availability, performance and security of the information technology infrastructure.
Network Management Solutions provides robust design and management services that are a critical component in keeping corporate information safe.