Security. It is at the forefront of every conversation and concern in our lives today, and it will only increase in importance for the foreseeable future. At the Corporate level, we know that Network Security is the primary concern, but what are the primary components of concern for small and large organizations?
BYOD (Bring Your Own Device) – We are in the age of tablets and smart phones. Most companies allow employees to use these devices to access enterprise data. Because employees are no longer accessing data on a single PC, within a strictly supervised internal network, organizations have to adapt to the growing risk and opportunities for security breaches. What if a device is lost or stolen? What if users are accessing data through an unsecure network? Who else has access to the device? What if a malicious app is installed on the device? This lack of physical control and access of personal devices by the IT team is a tremendous challenge to network security.
CLOUD COMPUTING – With cloud computing, businesses are dependent on the cloud provider to store and manage data (as opposed to keeping data local on an in-house server). Hacking, provider user access, data transfers, data separation, and data storage are all reasons companies have been slow to embrace cloud.
DATA RECOVERY – Network security is about keeping data safe. But what happens when data IS lost? A reliable backup system encompasses data classification (does ALL data need to be backed up), secure and timely backups, and a recovery strategy. Protocols must also be in place for disaster recovery, be it natural (i.e., weather, earthquakes) or man-made (i.e., cyber-attack, terrorism).
INTRUSION DETECTION AND PREVENTION – This is what makes the headlines. We have seen countless news stories about corporations being hacked. Effective anti-virus protection, malware blocking, web filtering, firewalls, content security – when we think of network security, these are things most people think of, but these are just one of many security components that organizations face.
HUMAN FACTOR – Many in the industry call this the weakest link in IT security. Disgruntled employees, careless or uninformed employees, lack of management support, recruiting and retaining qualified IT staff, no clear compliance or regulation enforcement – all of this requires careful monitoring and oversight. No matter how far technology advances, the human factor can never be ignored.
Network security is crucial to any organization and cannot be left in the hands of just the IT department. Network security must be addressed at the level as well. Risk assessment and mitigation is vital. Equipment, software, employee education and compliance are all factors in keeping your company’s data secure.