Information security in the IT department
IT security continues to be one of the main concerns of companies around the world. This is so true that a global report from PWC consulting informs that in 2015 there was a 38% increase in the number of incidents with business data in relation to 2014. For 2016, the forecast is to have records in cyber-attacks, especially related to mobile applications. Given this, you need to prepare.
In this article, you will understand what the main threats to information security are, which risks your company is exposed to and how the IT department must take action to deal with them. Keep reading!
Mobility brings new IT security challenges
There’s no turning back, the world is increasingly mobile — as early as 2014, according to IDC consulting, 104 smartphones were sold per minute in Brazil. But, like all great technological and behavioral change, there are challenges. One example is the adoption of BYOD, a practice in which the company’s employees bring their own devices to use enterprise solutions. The problem is that, in addition to not knowing the practices and tools to protect information in these devices, they end up burdening the IT department, which now has to deal with many points of vulnerability.
The challenge is in making the automated and efficient management of these devices on the corporate network, as well as establishing parameters and access controls outside the internal network. You can also check another one of our posts on the common mistakes of monitoring network traffic that you need to avoid.
What can be done so that mobile devices are not security threats?
The truth is that everyone is learning how to deal with this phenomenon that is mobility technology. Some actions can be taken:
- Deploy layers of security through partitions on devices, separating the data as you go;
- Protect network connections, separating mobile devices from computers to better manage and monitor;
- Strengthen the identity control and access to the enterprise systems;
- Educate users.
The internet of things sharpens the ambition of cybercriminals
Another point of attention for enterprises from 2016 is the Internet of Things (IoT). Since the number of connected objects increases every day, the interest of hackers in making attacks and finding vulnerabilities also increases.
And because companies are also increasing the adoption of connected hardware, IT departments come into alert.
What can be done so the internet of things does not become a security threat?
The first step is to increase the rigidity in technical inspection when acquiring connected objects. Create a specific network to isolate the connected objects of employees (tennis, pens etc.) can also help in monitoring and network management.
Similarly, requiring support from suppliers of connected devices can help a lot. For employees, awareness continues to be an excellent ally.
SaaS solutions require more technical rigor from the IT department
The ease with which one acquires software as a service (SaaS) today is impressive. So much so that a phenomenon called “shadow IT” is emerging, which is nothing more than the fact that remaining areas of the companies end up buying solutions without the knowledge of the IT department.
The problem is that not all cloud solutions and services are safe. It is vital to be extremely careful when acquiring a system so as not to put information security at risk.