Get Your Head Out of the Sand

Many people believe that ostriches put their heads in the sand to hide from danger.  The reality is that they are using their beaks to turn their eggs in the nest they’ve dug in the ground.  So they aren’t hiding; they are protecting their valuable eggs.

Are you hiding from the security dangers that prey on your business computer network?  When we identify security risks, there is quite often a reason why they aren’t addressed, from “It’s not in our budget,” to “It’s not a priority,” to “It won’t happen to us.”  Sadly, we’ve seen this approach backfire too many times.  What are the biggest security risks facing businesses today?

Careless or Uninformed Employees – We can’t say it enough.  Train your employees on cybersecurity best practices and offer ongoing support.  Employee awareness is a major part of the problem.  In 2015, 72% of breaches originated from within the extended organization (includes contractors and former employees).  A CITI report recently found that fewer than 35% of employees felt it was their responsibility to keep company data safe.  It is critical to drive home internal data security as a core business objective.  There are many ways to do this, including Security Awareness and Training programs like the ones that IT Radix offers.  Our recommendation: get started on developing good data protection habits within your organization today.

Make sure employees use passwords on all devices.  Make sure those passwords are strong and changed regularly—just like those ostrich parents rotating their eggs in the nest.  We can assist with a password management system to help automate the process and reduce the need for your staff to remember multiple passwords.

Mobile Devices – The rapid rise of Bring Your Own Device (BYOD) has not only brought convenience and cost savings but also introduced a host of security concerns.  Over two-thirds of global organizations have been affected by mobile security breaches.  Have a carefully spelled-out BYOD policy.  Consider how you share data and allow access to data and email.  Here again, education and password policies can help reduce your risk.  Consider adding mobile device monitoring to help quickly pinpoint exposures if mobile devices are lost or stolen.

Cloud Applications – Carefully evaluate the cloud solutions you are using in your business.  This includes applications such as file sharing and social media apps.  Develop security guidelines and policies around the use of cloud applications within your business, especially as more and more line-of-business applications are being converted to cloud applications.  Review the access rights and permissions not only of your staff but also of the cloud application provider.  Many cloud applications now support encryption at the data level to help provide even greater protection.

Unpatched Devices or Devices That Cannot Be Patched – Most businesses know that they need to patch their end-user machines (even if they don’t have processes in place to ensure it’s happening).  However, just like the misunderstood ostrich, network devices such as routers and printers are often forgotten, and they also need to be updated and patched.  In July 2015, Microsoft stopped updating Windows Server 2003.  There are still millions of these servers in use.  The list of unsupported technology doesn’t stop there.  Are you still using outdated tech?

By providing security awareness education, being knowledgeable about security threats, and being transparent at all levels about the consequences of a data breach, you can get your head out of the sand and protect your valuable data head-on.

First published in our April 2017 IT Radix Resource newsletter