Social media, BYOD, and mobile computing are changing the landscape of security threats. To address them, you should build your security strategy around the following five practices. But don’t stop there. Security measures need to evolve as threats change over time.
1. Overlapping access
Access to company email and data can be compromised when social media apps that track interaction and content reside on the same devices. When employees use the same device to access consumer-centric social media and enterprise applications, tracking technologies can intercept sensitive information. Set up blocking technology or deploy separate devices where necessary.
2. Expand your view
The connected user creates multiple endpoints, each with different access capabilities and applications. Mobile devices and laptops, as well as desktops at home, increase the number of openings that intruders can access. You need an overarching approach to data access and escape points.
3. Never stop auditing
Periodic audits are a thing of the past because software update cycles are continuous and new threat vectors can appear at any time. Real-time tracking and monitoring should be coupled with security advisory services that monitor global threats. These subscription-based feeds deliver timely advice you can use to take proactive action that prevents attacks.
4. Get professional help
IT is responsible for overall computing security, but unless IT is staffed with security experts, it is unable to build the robust and knowledgeable defense needed to protect today’s computing environment. If you have a dedicated IT security team, you are ahead of the game. If you don’t have security experts on staff, your choices are to add internal staff or contract with a firm that can devote the expertise and time on your behalf.
5. Users can’t always help
Even when users are diligent about following security best practices, they aren’t always able to detect and stop intruders. With that in mind, you need to implement strong security safeguards that are monitored constantly and updated frequently, and set up policies regarding the use of all user-supplied devices. There is little room for self-help when it comes to protecting enterprise data exposed to devices and services used by employees. To be effective, protection must be deliberate and continuous.
The message here is to look beyond the standard enterprise endpoints and protect every vulnerable segment and endpoint. Put effective policies, knowledgeable staff and proactive systems in place, and be aggressive about protecting your assets.
How far have you gone to create comprehensive security?
http://networkingexchangeblog.att.com/enterprise-business/5-issues-to-guide-your-enterprise-security-plan/
