WHAT IS IT SECURITY?
These days, good IT security is essential to successfully doing business. You and your employees have to have access to the business information at all times and places, and with each kind of device. This makes your IT configuration complex and possibly vulnerable to cyber criminals. Cybersecurity is therefore a continuous process, with the aim of ensuring business continuity and preventing loss.
- 75% of computer users create passwords that are too simple and can be easily broken.
- 80% of employees use software that has not been approved by their employer.
- 68% of attacks from outside derive from unidentified ransomware.
WHICH FACTORS AFFECT YOUR IT SECURITY?
- Human factor
- Technical factor
- Organisational factor
THE HUMAN FACTOR
It is not just about technical and organisational measures these days; human awareness is the starting point for a more secure environment. The cause of most security incidents can be traced to non-secure conduct of employees, consciously or unconsciously. A modern knowledge-based worker will always find a way to fulfil his desired work style with convenient applications. If people are insufficiently aware of what your ICT organisation has to offer, you can guarantee that a shadow IT environment will arise, over which you have no control but which still runs security risks.
THE TECHNICAL FACTOR
Many organisations use security software that is out of date or incorrectly configured. Especially on mobile devices and laptops that are used outside the office. Also, computer operating systems are frequently not updated to the manufacturer’s latest status, and in many cases there is no effective firewall in operation. This leaves open ‘digital doorways’ that make an easy target for cyber criminals.
THE ORGANISATIONAL FACTOR
An organisation has to draw up defined processes, making it clear to all employees how they are to handle the measures that have been taken, and what they can do in the event of a security breach. A framework of norms, such as ISO, NEN or some other form of certification, can act as a guide to scrutinising the status of your organisation’s security. Not as an aim in itself, but as a means to getting your information protection in order and raising it to a higher level. In addition, it is very important to test the measures that have been taken on a regular basis in order to be able to demonstrate their effectiveness and operation. An organisation that does not have all this in order is therefore vulnerable to cyber criminals.
WHAT SOLUTIONS DO WE OFFER?
Aumatics has its own specialists who can train and guide your employees and organisation in matters of IT Security Awareness in order to make them aware of the security risks, the measures that are in place, and how they can deal with these correctly.
- What kind of passwords can I use?
- How do I recognise malicious websites or emails?
- How can I prevent identity theft?
- Which WiFi networks can I safely connect with?
- What’s the best security to use on my smartphone?
- What’s the best way to make my PC secure?
- How can I handle social media securely?
- What essential programs an I using which are not offered by our IT department?
From the data centres of Aumatics we offer a back-up facility to securely back up your services and restore them in the event of calamities. Restoring from a back-up may always involve some data loss because a back-up is, of course, a snapshot in time. To eliminate your organisation’s dependence on a back-up and limit data loss to a minimum, we recommend implementing a disaster recover scenario. With this, your primary IT environment is mirrored in a secondary data centre at a different location. If services should drop out, the secondary data centre will take them over. Aumatics has built up its private cloud environment in two Dutch data centres with redundancy. This means our clients can continue to work without any problem in the event of any service drop-out.
A modern device can be secured using identity management. This means that the device uses something such as an item of biometric data (e.g. a fingerprint) to allow access to it. Most modern laptops are equipped with a camera which can grant access to the device based on facial recognition. It is very important these days to use an another verification method in addition to the password. As previously mentioned, this can be an item of biometric data, but it can also be a code generated on the user’s smartphone. This method is also referred to as Multi/Dual Factor Authentication.
All employees must have a clear understanding of how the organisation deals with the security measures that are in place. Every organisation should have its own procedures for the following matters:
- How can employees best use the measures?
- What action should be taken in the event of a security breach or data loss?
This is only a small selection of the measures that should be taken to ensure that an organisation is doing everything possible to protect information. Furthermore, all the procedures and measures need to be tested regularly to guarantee that they work properly. Aumatics helps to draw up and implement the procedures.