In the universe there are things that act and things that are acted upon. This universal law may be applied to IT Security. There is a difference between IT Security and Information Security (Infosec). Information security refers to the processes and tools designed to protect sensitive business information from invasion, whereas IT Security refers to securing digital data, through computer network security. For our purposes here let’s combine them in one term – IT Security. Does act or be acted upon mean that if you act you won’t be acted upon? No, not really. It does mean that if you act then you are less likely to be acted upon, you may even prevent someone from acting upon you or if you are acted upon the consequences may be less severe.
What are the things that act upon us? The biggest thing that acts upon us are employees. They introduce malware through Viruses, Spyware and Ransomware. They take our customer lists when they leave for another job. They share our information with competitors. They leave and start their own competing businesses. The crazy things employees do seem endless! On the other hand, they are your greatest asset. Therefore, it is time to act. Are you acting by training your employees about IT Security? Are you acting by restricting employee access to databases? Such as on a “need to know” basis. Are USB drives permitted? How do you limit access to your servers? Do you know where your data IS? This may be an area where you could act.
Less visible things may be acting upon us. Is the air in your building acting upon your IT equipment? Where are your computers located? On the floor? How often is the dust cleaned out of the computers? Is your server room temperature-controlled? Is the air in your server room clean? Or, do your servers have direct access to welding fumes from the shop floor? This may be an area where you could Act.
Are you ready to act rather than be acted upon? Maybe it is time to act and look at alternatives to an IT person or an IT department. It may be difficult to hold an employee or employees legally responsible for a breach when they work for you! That however is another discussion. To act and find out more about a model that is different from anything that you have seen before call Dean at 435-340-0799 or email firstname.lastname@example.org for an introduction to CompleteCloud – The Most Secure Private Cloud in the Country.