Protecting Your Business
The upsurge of cloud computing has put data security in the spotlight. The main concerns of any Chief Information Officer (CIO), Chief Security Officer (CSO) and IT Manager are the assurances of information security from the cloud service providers, that is, how they can ensure data protection in a cloud computer environment.
With these concerns upheld, an inverse question is also raised about information security, explicitly what, where, and how do companies protect their important data. Increased sophisticated cyber-attacks mean reputation and revenues can be at stake.
The concept of bringing your own devices to the work place has seen business not keeping abreast with such trends. The concept of teleworking, with employees using personal devices from multiple locations to access company data has only augmented such concerns.
Although mitigation is the process of the day from those responsible for cyber security, the conservative wisdom says that the key to great security is the education of staff first and foremost. One needs to proactively work on such a brittle link - the human element. Security processes and procedures are often not kept up to date. The end users need to understand the basic rules, such as not to write their passwords on pieces of paper that are visible to everyone. On the other hand, businesses need to provide refresher information on what can be considered as common sense in order to make sure everyone is in line with company policy.
According to Tomm Gilles at Forbes, "sadly, users don't care about security—they just want to work. Don't get me wrong; I'm not bagging on users. I love users, and in fact I am a user. So are you if you're reading this blog. But with the exception of those of us in the industry who've made security our calling, users don't like security. A better approach and philosophy to ensure great security is to make it an enabler. Instead of building clunky solutions, such as manual updates and multiple logins, we need to create transparent and easy-to-use solutions. Then we can all take advantage of the great technologies that are out there to help us do our jobs better. The best security is the security we never see.
There's a lot to hope for here, such as containers and infrastructure that are put in place to prevent users from getting exploited or hacked. And network-based security that hums along quietly in the background, like your refrigerator efficiently keeping your food cool and fresh without you having to do anything. Doesn't this type of security sound way better than some of the aggressive security systems out there—where something seems to pop up on your screen every minute letting you know it's scanning or telling you to click OK or asking some arcane question that few people could answer?"
With a more transparent, comprehensive security solution in place and users having a clearer understanding about the subject, IT Departments can do a better job while embracing new technologies such as consumers bringing their own devices, as well as the widespread cloud services.