3 min read

Security Leaks: Protecting On The Move

Aug 24, 2015 6:30:00 AM

Today we’re sharing insight from guest blogger Kinetic IT, an Information Technology Managed Service Provider based in South Bend, IN. We hope you enjoy Kinetic’s insight and wisdom!

Security_Leaks_-_Protecing_On_The_MoveData safety is a critical component of any successful organization. Whether you’re dealing with client information, proprietary technologies, or internal communications, it’s vital you take the necessary steps to ensure your data is as secure as possible. When working to protect data, an organization must look at every possible avenue for a breach including internal security lapses, social engineering, lax safety standards, and more.

With so much to manage, it’s easy to let something slip through the cracks. One of the most common vulnerabilities we see at Kinetic is in organizations that overlook the enormous security risks generated when data is allowed to leave a secure facility via an employee’s laptop, email, or mobile device. No matter how secure your servers, your building, or your in-house PCs are, off-site devices containing your organization’s data present an attractive weakness to would-be data thieves.

Proactive Education

The very first step in protecting data that leaves your facility is providing security education to your employees. Employees must realize your data is at risk at all times. Work with an established IT security team to create a basic list of security recommendations and require all employees to follow these guidelines. It cannot be stressed enough: Even with high-tier security solutions in your building, one laptop left in a coffee shop can completely compromise your entire customer network.

General guidelines often look something like this:

  • Never leave your laptop, tablet, or phone unattended in a public place.
  • Set your devices up so they require a password to log in.
  • Do not share your work device with a friend or family member.
  • Bring your work device in for regular security checks, updates, and upgrades.
  • Treat your mobile device like your on-site work computer. Do not download unknown attachments, don’t click strange links, and stick to surfing work-related websites.
  • If your device goes missing or starts to act strange, alert the appropriate person within your organization immediately.

If your employees take the right steps to protect their devices, you can rest a little easier knowing your data is that much more secure. Understand that the majority of security leaks aren’t the result of sophisticated hackers breaking down an internal network, but the result of carelessness or a simple mistake by one individual who exposes an entire organization.

Regular Check-Ups

It’s often the case that internal IT departments seem to forget about company-issued hardware. If it’s not in the building, it’s not a concern. This is an excellent way to open up security holes in your network. Establish a security protocol for all work-related devices. When possible, devices should feature the same security protections featured by your on-site machines (anti-virus, anti-malware, anti-spyware, etc.). Devices should also have a required maintenance schedule in which they are regularly checked out by your IT experts (or a security firm) and updated to the latest security standards.

Remember: It only takes one accidental download on a take-home computer to crush a multi-million-dollar security network. The smallest actions can have immeasurable impact.

Moving Forward

Conduct a deep analysis of your current security standards, perhaps with a third-party audit, to get an idea of whether you’re weak on the subject of off-site hardware. In some cases, the safest option will be preventing data from ever leaving your facility. In others, reasonable accommodations can be made that protect your data as it travels with your employees.

It doesn’t necessarily matter what you decide, just that you approach this off-site security with the same seriousness you approach the security of your in-house hardware.

 

This content was written and shared by guest blogger Kinetic IT. It originally appeared on their blog.

Kinetic_logoKinetic IT Solutions is an Information Technology Managed Provider based in South Bend, IN. The company is focused on supporting local businesses with both management and direct hands on support of their IT environment. Network and Server Infrastructure, Remote Access, Visualization, Messaging, Data Center Management, Disaster Recovery, and developing IT Policies and Procedures are their core business offerings. Kinetic IT Solutions strives to help drive business growth through technology.

Connect with Kinetic on Twitter, Facebook, and LinkedIn.

 

Topics: Risk Management
Gibson

Written by Gibson

Gibson is a firm of advisors and consultants that help clients get to the proactive side of insurance. We specialize in working with companies looking to find their edge—where they are growing as an organization, differentiating themselves in the marketplace, and preparing for current and future risk. Together we will find the perfect combination of insurance and consulting.