Guest Column | September 25, 2013

Four Ways To Minimize The Threat Of Data Breaches

By Reyna Thompson, Vice President, CONVERGESolv Secure Networking, SYNNEX Corporation

The latest security technologies are making systems harder to crack, but data breaches are still very common — so where’s the disconnect? Here are four easy ways to minimize your organization’s chances of being hacked.

Invest in training. Most companies invest in technical training, at least for their IT departments. But all too often, the training stops there. The rest of the company’s employees are left in the dark, putting the entire organization at risk for data breaches. For many companies, the easiest way to minimize data breaches overnight is to arm all employees with the knowledge and information needed to keep information secure. There’s a motto in security: if you can’t crack the system, crack the human. Don’t let your organization fall victim to this increasingly common approach to obtaining private information.

Look at the big picture. In the IT world, we tend to focus on products and sales, forgetting to consider the bigger picture: what keeps those products secure. Even when an IT representative sells a security product, they far too often move on to the next customer and forget to follow up to ensure the product is doing its job. Engaging in the full sales cycle is a must for preventing security breaches. A large part of this involves our next point, assessment.   

Make assessment a priority. It’s great that we have installed this new system and it’s configured correctly, but does it actually work? And, a year from now, will the system be effective against the most current threats?  Let’s say we took a unified threat management system, put it out there and left it alone for a year. After twelve months, there will have been thousands of new viruses, and the customer is unprotected against all of these. In a world where new threats arise by the minute, the only way to guarantee a secure system is to assess its level of secureness after implementation. Vulnerability testing and network penetration testing should also be performed at least annually and also when there is a change to the network.

Don’t forget to monitor and manage your security system. Too many organizations spend big dollars on security and think they are protected, but in reality, no one is actually monitoring their system. A medical office with a few doctors, nurses and a small administrative staff probably won’t invest in hiring a full-time IT person, so they go out and buy a firewall product. Well, if no one is monitoring or managing the system, they have just wasted their investment. This is quite possibly one of the biggest mistakes SMBs make in regards to network security.  

It’s next to impossible to wear all the hats needed to run your business. Make sure your company is armed with a network security support team because sometimes it’s not the latest technology you need, but the best team of people to keep your information safe and secure.