Skip to: content | sidebar

[2019-07-01] Near Source IT becomes official Canadian distributor of the FUDO Network Security Appliance

Security Services

Security is finally beginning to be taken seriously by more and more people as news of large corporate networks being compromised, with perpetrators making of with millions of credit card numbers, or terabytes of sensitive data.

Security is usually seen as being contrary to usability, and as such is often forsaken as a cost saving measure. Trading security to save training and implementation costs may seem like the right choice at times, but when the inevitable breach occurs, the damage to the reputation of your business, and the relationship with your customers, has an almost incalculable cost. The importance of information security grows each day, as the threat of cyber terrorism increases, and more consumers are demanding that their personal information be treated with care and respect, you cannot afford to remain idle. Information security is the contrivance of confidentiality, integrity, and availability; ensuring that you private data is not disclosed to unauthorized entities, altered and/or damaged in any way, or unavailable due to hardware failure or concerted attack has become mission critical. This protection must encompass the entirety of the information processing system, from the servers and storage networks, down to the notebooks and mobile devices that may contain or have access to sensitive data.

The real cost of a lost or stolen computer is not so much the capital cost of replacing the physical machine, but the loss or potential disclosure of the data that was contained in that device. Encrypting the hard drive to protect the data, especially on notebook computers, has become almost common place. However, most commercial encryption systems, including even those from PGP, contain encryption by-pass features that allow an unauthenticated user to access the data, or allow a lost password to be recovered. If your data is truly sensitive, then such backdoors enabling access to the encrypted data negate any security benefit of encrypting the data in the first place.

Enforcing security in a corporate environment requires a clearly defined policy, that is both thorough enough to cover all aspects of security, provides sufficient detail for those implementing the policies, and is clear enough that it can easily be understood by those who have to follow the policies. Having your security policy written by experienced professionals can ensure that all of these requirements are met, and that the policy is more than just a large document whose use is mandated, but for which the implementation is impractical.