Security Spring Clean – The Golden Rules

Judging by the sweet smell of BBQ’s in the park – that major IT clear out is long overdue. Protecting, preserving and optimising your data, avoiding the dreaded cyberattack…you’re doing all you can right?

Check yourself, then check again. Even the basics are subject to human error. We believe in the power of the periodic review – and applying common sense to every corner of data management. Abide by the following golden rules and watch your business dance around the pitfalls.

1. Keep your friends close

Jess joined the organisation a year ago as an IT Ops Engineer. But lately her natural aptitude for numbers has landed her a new offer in Accounting. Drinks are shared, inductions are carried out – and Jess gets to work at her new desk down the hall.

But what if there are gaps in the protocol? While in most cases, Jess is a trusted member of staff, you can’t rule out an attempted breach of security, especially as her new job title makes her a more attractive target. Regardless, doesn’t Jess deserve a level of attention? While she’ll still be using the same company laptop and mobile, does her new role require the same system access? Or, perhaps a previous application is no longer needed. Does she want it crowding up her desktop?

Ask yourself, who has access to what data? Then take the necessary steps to see what’s changed in the last quarter. Mark was the best Compliance Manager that you’ve had in years, but why is he still on the database when he left 4 months ago?

If you don’t put a simple – but solid – procedure in place, then you can’t avoid a degree of data vulnerability. And if you do, the benefits are endless – not least in maintaining a happy workforce who champion your attention to detail.

2. Keep your enemies’ closer

Almost half (48%) of organisations who have suffered a cyber-attack identified the root cause as malicious or criminal. Unlike your average Sales Representative whom you like to share an afternoon coffee with, these guys are hired hacking pros. Without regular maintenance, they will break through your security measures; and with neglect, your business may be making an (unwanted) name for itself.

Alex Verboon, Cyber Security Consultant at baseVISION, elaborates: “The same common sense approach trickles all the way down – from how management chooses to approach its infrastructure hygiene to how the employee treats their everyday files.”

Identifying the weak spots means identifying the bad guys, so that when they linger on the fringes you’ve already sussed them out.

“It should be in everyone’s DNA”, Alex adds.

Taking the time to consider how your enemies operate is key to remaining untouchable.

3. Keep it simple

Boring people might have clean houses, but they tend to fair better when it comes to burglaries. We can’t reiterate enough – keep it simple. Throw out the redundant, update the old, protect the everyday and air-tight the essential.

Continuous maintenance might seem time consuming but it’s a lot better than the five backdoors that Cisco discovered last year.

Remember that email address that you set up for the website of your last marketing campaign? You might be done with it, but your customers aren’t. And they’re using it to exchange sensitive and personal information.

Delete the accounts that are no longer active, just like you’d delete that copy of your ID that you sent to secure your hotel booking. Maybe the IT guy won’t drop by in person to update Jess’ laptop, maybe configuration takes place automatically – but in order for this to work effectively, you need an intelligent audit in place.

There are hundreds of professionals versed in security, privacy and internal audits – and an abundance of tailored cloud solutions. Let them do the hard work for you. Maybe your organisation demands a physical security key, maybe it just needs a thorough spring clean.

So there, we’ve come full circle. And we’re excited to announce a new product designed for this exact purpose. Check it out and discover how Syntaro intends to help you. More security doesn’t have to cost you more time.