Dig up your high school yearbook photo and you’re likely in for a laugh — the clothes, the hair styles, the glasses are distant memories for most of us. That snapshot of 18-year-old you is unlikely to be confused with who you are today.
And yet when it comes to IT, many organizations often find themselves the victim of a kind of snapshot syndrome, the common misconception that our environments exist in the state in which they were last measured or assessed. In reality, most infrastructure, policies, and processes are in a continually dynamic state, and just like current you compared to your high school yearbook photo, only a few undergo limited changes. Continue Reading…
Every year we regularly schedule physicals, oil changes, car inspections, and other appointments in order to keep the systems that we depend on running at peak operational efficiency. There might not be anything noticeably wrong to necessitate one of these checkups, but that’s not really the point. The purpose is to take a proactive approach to system maintenance in order to catch any coughs or hiccups that might later call for an expensive fix.
SHI recommends a similar preventative approach to IT security. Organizations need to regularly assess their security programs to pinpoint small issues that could later turn into devastating security leaks. They can do this internally or hire a professional security services team.
To help our customers confirm that they deployed their security controls properly and identify any security gaps that might exist, SHI developed the Security Posture Review (SPR). The SPR is an assessment designed to evaluate various technical and operational security controls within an organization’s IT environment, which will help maximize security spend.
Our SPR consists of three phases: Continue Reading…
If the news is any indication, IT security (or the lack thereof) is a growing concern among companies of all sizes. In the wake of reports that Chinese hackers are engaging in commercial cyber-espionage, some companies are calling for a go-ahead to hack right back when they fall victim to such security threats. Breaches by hackers from Syria, Iran, and other countries around the world signal the need for a new approach to guarding IT infrastructure.
But even beyond hackers, there are a number of threats to corporate IT systems that can disrupt business and gouge bottom lines. Let’s look at some of the major threats and how companies of all sizes can mount a defense to keep their systems secure.
Top four IT security threats
From outsiders to your own employees, here are definitions for four of the most common vulnerabilities in corporate networks:
- Hackers. One of the oldest and most commonly understood threats, hackers work as individuals or groups to leverage weaknesses in an organization’s IT infrastructure to gain access to its systems. Through the years this access has dramatically evolved from young pranksters seeking little more than bragging rights to today’s organized groups of cyber criminals stealing financial and proprietary information for financial or political gain. Today’s hackers use both manual and automated processes to break into an organization’s IT infrastructure.
- Malware. Malware refers to any type of malicious software used to infiltrate private computers or networks in order to gain access to sensitive data. Malware is also used to slow down system performance by utilizing memory, CPU, and other system resources. Wikipedia offers a comprehensive list of the different types of malware, including computer viruses, worms, trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious browser plug-ins, and rogue security software. Continue Reading…