Common Security Concerns

Common Security Concerns that CSOs and CIOs have

Security Manual Template - Common Security Concersn
CIOs and CSOs often are tasked to address user and C-Level management’s common security concerns. The Security Manual Template and its associated items address each of these in detail.

When the CIOs and CSOs discuss common security concerns these five topics always seem to appear:

  1. Surfing the web anonymously is a thing of the past – As online tracking systems become more sophisticated and harder to shake, the likelihood of private, anonymous browsing is becoming a long-ago memory. Take into account the latest ISP changes, where the U.S. government allows providers to not only track, but sell your browsing history without your consent. These changes in “net neutrality rules” require users to be more vigilant about their own browsing patterns. You can guard your activity by logging out of search engines before browsing, clearing your cache and search history, and switching to a private browser to minimize the various ways your browsing history is catalogued.Order Security Policies and ProceduresDownload TOC security policies
  2. Anyone gain access your webcam – Hackers can and do target cameras by disabling the light that notifies of access, and keeping tabs in order to commit some sort of crime. Many users have responded by putting dark tape or coverings over their computer’s webcam. But as more smart devices are created and purchased, the surface area for webcam hacking only expands. Think, for example, of all the places you take your smartphone, with its built-in camera almost always pointing in your direction. The malware used to hack webcams, known as RAT (remote access Trojan), is often spread through spam email. Once clicked, the software is capable of disabling your light so you’re never made aware of anyone watching.
  3. How to protect against identity theft – Be wary of sites asking for personal information to complete a basic task, such as subscribing to a newsletter. When submitting personal information, such as your address or payment method, check for https versus http and never submit this information to a party you’re not familiar with or for a request you don’t remember making.Protecting your identity, at its core, always comes back around to common sense behavior online. Understand risks, practice careful consuming, and taking precaution to diversify passwords and watch out for phishing schemes.
  4. Free antivirus software is not free – You get what you pay for in the area of antivirus and malware protection. If it is free a lot of people use it and when there is a security hole – hackers will attack.  That is opposed to paid programs were vendors constantly update the software to address new issues as the occur.
  5. Are tablets, Smartphones and Macs safe without antivirus software? – Though the Android and Mac OS X boast of operating systems that claims they are tough to breach, they still contains weak access points. Just like any tool that surfs the web or connects to wireless routers, security is needed to scan all those items you click. (Recent research suggests Macs are now more vulnerable than PCs.)While these devices have often carried around the title of most-secure operating system, it doesn’t hurt to back up your devices with the latest antivirus security protection.

Top 10 Wearable Issues

Top 10 Wearable Issues

Top 10 Wearable Issues – Over 33% of all organizations surveyed by Janco have revealed they have more than 5,000 connected devices. Add to that, Cisco predicts there will be more than 600 million wearable devices in use by 2020.

These facts present a set of challenges for CIOs and IT enterprises of all sizes.

  1. Easy physical access to Data
  2. Records management, retention, and destruction
  3. Business continuity is significantly more complex
  4. Photos, Videos and Audio can be captured without anyone knowing it
  5. Instant access to outside Wi-Fi and cellular systems facilitates rapid dissemination
  6. Insecure wireless connectivity
  7. Lack of encryption
  8. Lack of formal policies with limited regulation or compliance –
  9. Software and Firmware version control
  10. Current MDM Policies Don’t Cover Wearables

Read On…

Top 10 Wearable Issues Download Selected Pages

Security is a pipe-dream

Security is a pipe-dream,  few enterprises are fully protected from events that have occurred in the past several months.

Not many CIOs and CSOs feel they have 100% of their security risks covered. In a recent survey that was published in NetworkWorld:

  • 55% said that was the case
  • 40% said they hope the had all of their security bases covered
  • 6% said that they did

With only 6% saying they had all of their bases covered there is lot of room for security hackers and data breachers to attack the systems in place.

Now that we know that a security breach may occur, how sure are these same CIOs and CSOs that they will be able to react in time. The first step is detection that a hack or breach has occurred. In another survey by Janco Associates we found that in midsized and large enterprises:

  • 35% had a detection solution in place and they automatically quarantined the server(s)
  • 43% had a detection solution in place but had to “manually” quarantine the server(s)
  • 23% had to “manually” put the server(s) offline when they found out they had a problem

When you put these two sets of data together, you conclude that less than 2% of enterprises are protected adequately enough to prevent a major security hack or breach occurring.

Disaster Recovery / Business Continuity &
Security Template Bundle

ISO 27000, Sarbanes-Oxley, and HIPAA Compliant
PCI-DSS Compliant

Order DRP BCP SecuritySample DRP Security Manual

Experts Agree You Should Update Your Plan Annually

Security is a critical concern during the recovery process

It goes without saying that every company, regardless of size, needs a concise business continuity plan in case of an emergency. If you don’t have a disaster recovery plan or haven’t updated yours recently, now is the time to take this critical step to protect your business.

%d bloggers like this: