System security is a hot topic, and rightly so. Stories of civil servants losing sensitive data or tales of on-line fraud and identity theft are all too common.
Security failures can be expensive on many different levels. It can mean:-
- costs and lost productivity of clearing up after a virus infection.
- losing clients (ask yourself how you would feel about a supplier that infected your systems).
- serious financial losses if a hacker plants a key logger on your system and gets all your on-line bank account details.
Security demands a comprehensive view of what goes on in your IT systems and attention to detail. The skill of a hacker is in exploiting weak points so a layered defence is required, each layer acting as backup for the previous one.
Protection has to be complete. It's no good installing Internet firewalls and filtering software if you allow unprotected laptops in and out of the office. There have been numerous cases of company laptops picking up a virus when being used at home, then promptly infecting the company network as soon as they're brought back into the office.
It's also important to make sure all the defensive layers are kept up to date - an out of date anti-virus program is worse than useless.
| "An ounce of prevention is worth a pound of cure". During routine monitoring of a client's log files we spotted several accesses to web addresses known to be operated by the Russian Business Network and something had been downloaded onto one of the user's PCs. Unfortunately the client had previously been relaxed in their approach to security and the only safe response to this event was to rebuild all their desktop PCs at a cost of £8,000. To prevent a re-occurrence we also installed a content filtering firewall costing £2000 to prevent a repeat. |