Serious About Securing Your Data
Internal/External Attack Vectors
There is little doubt that there are bad people out there. Identifying where they can attack from is one of the first lines for a critical defense plan. External attack vectors are very common in that they are the great mass. Individually unidentifiable and yet still defendable. Knowing who to block and whom to allow is the important balance IT operations must strike.
Identifying what can be accessed from the inside will facilitate the manager’s design of a system with a “defense in depth” posture. The goal of any defensive system is to limit the areas a rouge employee or consultant can gain access to.
Physical Threat Assessment
Physical threats includes the identification of locations where breaches can physically be executed. Leaving the Communication Room door unlocked is an obvious invitation to a physical breach. How about Post-it Notes on monitors with the users’ passwords. We have all seen it and some of you may still have them tucked under the corner of the desk blotter… Right?? 😉
Part of our program is to complete physical assessment of potential risks. By identifying how the breach can occur and removing the vulnerably is the goal of physical threat assessments.
Security Prevention Programs
Great! You gone to all this trouble to complete reviews of internal and external threat vectors. You completed physically securing your environment and have implemented the greatest security policy you can. However you forgot to include a prevention program. So one of your employees finds a mysterious USB memory stick in the parking lot. Sticks it in their work computer to see what is on it and BAM! your entire network has been compromised.
“An ounce of prevention is worth a pound of cure.”
With our Prevention Program we can help educate employees and consultants working with you. This program can prevent the loss before it even happens.