The current recession has put huge strain on companies across the board.To ensure their survival, it is critical that their costs are closely monitored and strictly controlled. With users being able to access the Internet, send and receive e -mail and browse the local network, often in an unstructured manner, it is more important than ever that employees are monitored and kept productive.
A recent security survey by Ernst & Young highlighted that 70% of security breaches that involve losses of more than R1-million, are perpetrated internally and most often by disgruntled employees.
J2 Software MD John Mc Loughlin says many IT administrators and business managers do not have the tools to know what users are doing on the organisation's computers and on the network.
"Very little consideration has been given to providing solid management systems to ensure that the investment in technology delivers maximum benefit. In essence, in these tough times it is extremely important that executives take corrective steps and ensure there are preventative measures in place for this."
He says there is a higher possibility and probability of theft of sensitive information for profit in these difficult times. "The modern day executive has a duty to protect the organisation from these types of abuse and theft.
"The key word is 'duty', they cannot sit back and claim 'we did not know this was happening'. This duty extends not only to shareholders and investors, but includes a duty to customers (such as protection of company sales and customer-sensitive information), suppliers (like price lists and strategies) and employees."
Despite more security issues than ever all competing for organisations' attention, the seemingly unstoppable rise in the use of portable storage devices in the workplace is a risk that needs urgent action. In addition, laptop security is a threat that every company should take seriously. As their use of mobile computing evolves, so too should their security policy. The emerging and constantly evolving world of mobile working requires a constantly monitored and adapted security policy to accompany it.
Mc Loughlin warns that there is an inescapable trend that needs urgent attention from the board. "The increasing threat of confidential data being removed from the network inside the organisation through the use of removable media devices such as cellular phones, USB flash drives, 'plug and play' hard disks, PDAs and MP3 players.
"But what can possibly be dangerous about these devices? The threat is that they have massive storage space, enough to save an entire customer database, a company's financial records and HR files. After all, an MP3 player is just a big hard disk," he explains. "Now consider that one of these devices can be connected to any PC on your network and used to copy hundreds, if not thousands, of sensitive files in a single minute without anyone noticing."
Many organisations are now looking for solutions to cover the obvious gaps in their approach to information security. The changing requirements of information security are evolving rapidly and these organisations need to find comprehensive, simple-to-use solutions — based on a whole new set of emerging challenges and threats.