Scandals of security breaches into companies’ databases, which hold sensitive financial and personal information about their customers, have been regularly in the news for some years. Everyone remembers the cases: PlayStation’s hacking scandal in 2011, T-Mobile’s biggest case of identity theft with thousands of customer data being sold by an employee in November 2009, and the cases of data theft in customer service centres in India in 2006.
The Department for Business, Enterprise and Regulatory Reform found in a telephone survey in 2008 that 96% of the larger companies (> 500 staff) had in average 400 security issues each year which costs them up to £2 million per case. This highlights the fact that data thefts do not only harm the customers, but also costs businesses a huge amount of money. Here, it is raising concern that a shift from career hacker towards organised crimes is taking place nowadays. It becomes clear, individuals inside and outside the organisation present potential risks which need consideration within businesses’ data protection efforts.
Consequently, organisations need a documented security policy to protect the sensitive areas of their business from corrupt departing staff, employees or hackers. Therefore, people who are aiming to work in the network administration of a company need to be aware that data protection skills are increasingly necessary. Looking at Cititec.com Network Admin Jobs will further highlight this.
Developing a Network Security Strategy
Many businesses focus a long time only on perimeter defences to protect their network, which include firewalls, antivirus software and any other cyber-attack detection tools. Unfortunately, medium sized companies are facing limited budget and staff which hinders developing the full protection of the whole business above the earlier mentioned perimeter efforts.
Therefore, it is recommended to find low-effort solutions which protect the core business and its critical assets from the most significant internal and external risks. Each business ought to analyse those risks by reviewing where data is stored and who can access it.
Data at risk includes business, financial, human resource, and customer data as well as intellectual property such as plans, documents, patents, or trademarks. Thus, very confidential corporate data should be encrypted. Generally, the management should develop a ranking of access levels which different staff is allocated to.
Certainly, staff members need to be informed about the security policies, and guidelines about what is allowed whilst handling confidential data. Also, nobody should be enabled to use external memory devices. As a result, USB ports and DVD burners need electronic or physical locking.
Each company should consider investing in a data loss prevention system which protects and blocks sensitive data when needed. No matter which internal network security solution an enterprise decides to use, it is important that the solution is extendable to mobile devices such as tablets, smartphones, and apps. Interestingly, according to the website ‘Good’, 77 per cent of the U.S. companies experienced data leaks through portable devices. Finally, IT professionals must be skilled in performing a server patch management on a client’s desktops and the company’s servers on a very short notice.
For more information on network and programmer jobs take a look at Cititec.com Programmer Jobs.