2013 saw the most data breaches ever recorded and the realisation that security needs to be embedded in an organisation’s culture.
Gartner highlighted in a recent study that “easy availability of malicious software and infrastructure can be used to launch advanced targeted attacks.” This resulted in the realisation by many organisations that traditional security approaches have gaps, especially as companies become increasingly digital, mobile and data-based.
The growth of cloud applications and virtualisation software has resulted in the requirement for rigorous corporate policies and business practice reviews. Security products today need to be configured effectively to enable constant monitoring and work hand-in-hand with the companywide strategy. Compliance is no longer sufficient to ensure data is secure and networks are resistant.
Everyone who comes into contact with data can be seen as a risk. No longer is endpoint software and email gateway the only concern. Cloud applications, such as Dropbox and Facebook, have been highlighted as a direct threat; due to little supervision by organisations or IT departments. People inherently like to share their world without understanding the risk, especially within the work environment. The continuing demand for privileged based access control solutions, ensure employees have the correct level of access for their professional role. These obviously need to be backed up by well-communicated and workable policies, especially if the organisation welcomes BYOD.
Given today’s security threats, an organisation’s best practice plan needs to stand up to ICO scrutiny should the worst happen. Devising an organisation-wide strategy whilst countering the threats of the here and now is no mean feat. Should you need advice on the best route to developing an optimum security posture and long term strategy, whilst becoming secure by design, contact Trustmarque on 0845 2101 500.