Batten Down The Hatches

Source: Exec Digital Canada

Date :9/10/2008 4:10:50 AM

Progress is a wonderful thing, but it should not come at the expense of security. Exec explores the pragmatic side of the technology coin and how companies are keeping their systems safe

Written by Gary Chambers

In the last two decades, technology has advanced exponentially. It has twisted and turned in myriad directions, becoming almost unrecognizable, year on year. 15 years ago, companies and individuals were struggling with infant computer systems, running a pedestrian copy of Windows 3.1 or Mac OS and relying on an ancient communications device known as a telephone.

Fast forward to the present and the shape of technology has changed immeasurably. Communication and connectivity has jumped to the forefront of industry concerns, particularly with recent developments in ‘cloud computing’.

Throughout this period, there has been an unmovable constant, and it’s arguably more important now than ever before: security. And due to the frenetic pace of technology development, IT security companies have one of the hardest jobs of all, to keep up with the pace of change.

Yet it might not be that simple, as security researcher Dan Kaminsky points out, because people do not tend to respond to IT security in the same way that they do to its traditional counterpart.

“We have been trained since we were young to lock the door to our house, our car. We take these sensible security measures in the environment we are functioning in.

“Yet when it comes to computer safety, we forget to look both ways before crossing the internet highway.”

But what is security?

On the surface, security is quite a straightforward concept. But within technology and industry, what are we actually talking about? Well, it is slightly more complicated than making sure you have a firewall turned on or your anti-virus software running, though that cannot be forgotten of course!

Connectivity and mobile working have become crucial to many industries - especially for businesses that operate on a vast distribution network or have facilities in many different countries. There is now a whole host of new considerations.

For most companies, there are two issues that arise instantly: reliability and protection. The former has perhaps always been a concern for IT development, with systems needing to be stable enough to stand up to the rigours of day-to-day working. However, the latter poses an interesting conundrum.

With the growing importance of remote working, long-distance conferencing and communication, and recent developments into ‘cloud computing’ - software and services that are built to operate online, rather than on a local server – companies are having to be more and more inventive to ensure that their data is protected.

This is particularly prevalent in the logistics and distribution industry. Due to the far-reaching and wide-spread nature of the business, companies have always had to rely on a reliable and powerful communications network to ensure that operations are as efficient and effective as possible.

In particular, technologies that integrate global positioning systems (GPS) and effective tracking of distribution are crucial to the industry. Ensuring that the service is reliable and confidential data is secure is vital to both the customer and the company.

A reliable system gives a company the confidence to extend its network and ensure dynamic deliveries where any variances can be taken into account at the point of delivery and distribution can be made effective with real-time updates and alterations.

A troubling statistic

Security is not a matter of looking outwards either. Companies have found the need to be protected from within, with employees frequently taking liberties with IT security by downloading online videos and music over the business network.

This issue is moving in a different direction, as Rik Ferguson of Trend Micro notes: “While office-bound employees have consistently topped the list of those believed to compromise network security in the past, a new series of recent research shows that remote workers are much more likely to cause security headaches for IT departments.”

The worrying statistic is that up to twice as many remote workers were likely to download music or video, and 30 percent more have a tendency to launch executable files, which poses a significant security risk thanks to the widespread permeation of spyware and malware.

A survey conducted by YouGov on behalf of Trend Micro, reveals that upwards of 90 percent of workers do not consider the loss of confidential data at work of concern.

So, on top of companies and employers simply protecting their systems, it is important for employees to be educated in the need for security in technology systems and the potential risks of downloading possibly untrustworthy content.

The unfortunate truth is that many people and are not at fault with the dangers of technology and how easy systems and data can be compromized.

This is where internal data protection companies can step in. This can be as simple as the firewall and anti-virus software offered by companies such as AVG and McAfee, or as complex as corporate security and management software offered by companies such as Centennial Software.

They offer security packages that can monitor and restrict what employees access via the network, and help ensure that no confidential information can leave the company without prior authorization.

This issue has become more prevalent, as Centennial Software notes: “Data breaches have been dominating the headlines recently and have caused organizations of all sizes to reassess their attitudes towards information security, particularly in relation to mobile devices,” says Matt Fisher, Centennial Software’s vice president of marketing.

“No matter what vertical market they operate in, small businesses often live or die by their intellectual property and ability to gain competitive advantage through their data.

“Failing to lock down portable devices on the network is like leaving the back door open and inviting someone to help themselves to your livelihood.”

Why the need for security?

There are many reasons why security is important, such as maintaining customer loyalty and protecting intellectual property. A cynic would suggest that it all boils down to money and, to an extent, they may well be right.

Money is certainly important in the financial sector, that is obvious. It is keeping money secure that dominates. Banks work hard to ensure that they are equipped with all kinds of protection and encryption on credit and debit cards.

It all comes back to educating people to be more vigilant and take security more seriously. As Perry Tancredi of VeriSign says: “Regardless of how strong the security measures, and how vigilant, the weak part of the chain is there is always a human who is responsible and who has overall control over the information.”

So that seems to be the overriding issue: Security companies are always going to work hard to keep up with the pace of change and, of course, that is a challenge, but it is down to businesses to educate employees and customers, to make sure that the security principles in place are upheld.