Vulnerability and Responsibility
With the vast complexities of the digital world and its capabilities, recognising that every system will have vulnerabilities is practical. Optimisation is a goal that never ends, as all systems are in a constant state of evolution. Having this mindset is essential for creating the most efficient and secure IT operation possible.
The adage goes “Once burned, twice shy”, a truism that remains relevant to IT security. Much like burning yourself upon a stove, most IT threats are avoidable until a lapse in concentration or judgement causes problems, and it can happen to anyone.
This is the situation our team faced when one of our top clients had their secure system breached by the most basic of entry points – an email.
Such a simple every-day task can trigger a serious headache for IT managers; even with the clarity of mind to be aware of all potential vulnerabilities, disasters still happen.
An e-mail under the guise of an Australia Post communication was sent to an unsuspecting employee of our client and they opened the link. This action activated the malware within, and because she was logged into the system, the malware immediately lay a pathway to encrypt all of the data on their servers.
To add to the immediate issue; the machine being used had a copy of Dropbox on it, opening another pathway for the malware to encrypt data on the shared Dropbox accounts (the encrypted files replicated to all the third parties sharing folders with this user). This was catastrophic as the data in Dropbox was both irreplaceable and had been costly to accumulate (tens of thousands of dollars’ worth of consulting recordings and documents).
Although the data on the servers was recovered back to the last backup, there were no backups, no control and a complete security breach as malware ran riot on the Dropbox data.
Where Are You Vulnerable?
Managing such large volumes of information and users without having vulnerabilities is essentially impossible.
There are wider factors such as hackers, phishing, bots, and viruses, as well as on-premises physical issues like power loss and to add to these issues, sometimes the methods of delivery and security themselves can cause problems.
We’ve often seen a reliance on applications like Dropbox to move around and store files, which are fast and easy to use, however there is a distinct lack of control when using it.
Applications like Dropbox are like a safe made of glass. While it is certainly able to hold your information inside, Dropbox essentially has control over everything you store there. Further, outside sources may be able to see your data without you knowing and it can be easily broken into. Like keeping your information out in the open in a glass safe, using apps like Dropbox is never a matter of if but when.
While lack of control is never ideal and can be detrimental when things go wrong; sometimes users wish to use a particular program and IT managers should do their best to provide it.
Should users wish to use Dropbox, there are methods that ensure a safe gateway when using this application and we provide this first tier of security for many of our clients. Many more prefer the complete control that comes with using one-way transition products such as Sharefile.
Are You In Control?
Perhaps the more pertinent question may not be “Are you vulnerable?” but “Are you in control?”
Many times we’ve assisted clients whose IT systems have been locked down, falling behind, or becoming incompatible with the pace at which technology has been moving. As the advances in cloud technology become more visible, there has been a big rush by many companies to jump in with both feet, regardless of cost or potential vulnerabilities.
Security nowadays means more than just putting walls up to keep out intrusions. Security is ultimately about comprehensive management.
We thrive on supporting and giving businesses the free ability to manage their IT data in the way that suits them, ensuring security though management and control.
If your information has already been spread around into third party clouds we use programs such as Sharefile to place your information securely into your own corporate environment, giving you the means to retrieve your data from those sources in one-way transitions.
Our systems allow for both IT control and end user freedom; traditionally these are mutually exclusive, we merge them to create win/win outcomes. We allow end users to securely access data from anywhere, any time while ensuring IT managers retain full control.
Like giving your users a pair of mittens should they be intent on touching the stove; we ensure they are protected in their activities.
We understand the difficulties and challenges of IT teams to meet evolving issues consistently; make contact with us from our site or email to discover how we can put the IT control in the best possible place for it to be: In your hands.
This story is anyone’s story. Anyone can get lose concentration, open an email and get burnt. It can happen to you. The great advantage we offer is to protect users with mittens, and assist IT managers with the control they need.
“Once burned, twice shy” is an adage that exists for a reason. Others have learned these lessons before you so you don’t have to get burned.
Ask yourself: “Am I in control?”