About
Subscribe

Companies should re-think security

In a country where personal and tangible asset security are a way of life South African companies need to re-evaluate their thinking around data security
By Andrew Brown, Division Manager, Spartan Technology Rentals
Johannesburg, 16 May 2000

How many of us who manage a corporate IT Infrastructure takes Network Security seriously? From my experience very few. Most of the time data theft is something that passes unnoticed by those within the company, including the boss. If a user on the network decides to make a copy of the company`s client database and mail it to himself, a friend or the competition via his Hotmail account or a visitor wants to download company information onto his notebook, what is there to stop him? In short - NOTHING!

Compare the above scenario with an employee trying to steal a PC from a company. Most companies have expensive access control systems and security guards searching cars after hours to ensure the company`s assets do not walk out the door.

But which is more valuable, moveable assets or confidential information? Unfortunately even though confidential information is more valuable, no one is going to notice such theft, as nothing changes and the information is still on the system, whereas the visible movable asset is clearly nowhere to be found.

Although some companies do take the precaution of securing their network, with a firewall, from predators outside their environment (once again many South African companies seem blissfully unaware that even this basic precaution is necessary), how many South African companies have put together a comprehensive security policy that caters for employees, visitors and external thieves? To my knowledge less than 40%.

In the same way that we secure a company`s movable assets by appointing a responsible person in charge of security and allocating budgets for access control and security personnel, so we need to do the same for the company`s most important asset, ITS DATA.

The securing of a company`s data is a broad subject, but one which I intend to explore in the next few articles.

Share

Editorial contacts

Andrew Brown
Dynamic Recovery Systems
andrewb@drs.co.za