The use of the internet is growing. More companies are allowing their employees, partners, clients, suppliers to access their information systems. Therefore, it is necessary to know which company resources need to be protected for controlling the system access and the user rights to it.
What are we exposed to? What is the cost of having no information security?
To calculate the costs of business security failings is not easy. Cost will depend on the value each company gives to its business critical information.
New threatening scenarios for business information security
Unfortunately the risks that threatening our business information are not exclusively external (cybercrime, spyware, badware, phishing...).
The growing trend in companies towards flexibility is resulting in a “nomadic” and “teleworking” lifestyle. This allows employees to connect to information systems from almost anywhere, which means, taking part of it outside business security infrastructure with the consequent risk of security.
In these scenarios, the use of USB sticks, smartphones and PDAs is extensive and all of these can store large amount of information, (often business critical information) and can lead to theft and loss of sensitive business information (when changing jobs, almost 90% of employees take information and business data with them).
Let’s give a quick thought: What might be the value of a document showing the company’s strategy for next year? What is the value of a list or database of our best clients?
How much does our company’s Forecast (sales forecast) for this quarter cost? What is the value of the company’s personal plan?
It is very difficult to valuate such economic information, but we would surely give it more value if at some point it became public or even felt in our competitors’ hands.
We should let specialists advise us
Most employees are unable to assume security as part of the corporate culture. In most cases information leaks are via employees.
In the past two years in Spain requests for IT expert reports on investigating business information leaks to the competitors by employees have increased considerably.
There are “internal” and “external” risks. New models of cybercrime, spyware, badware and phishing, etc. that force us to find flexible solutions for protecting our business information.
Therefore, it is recommended to let security experts advise us to know in detail the threats to which organizations are exposed to as well as the inefficient of traditional security solutions. This will allow defining adequate information security plans for the business to use from this point on.
Grupo Euclides offers the following security services for business:
