
Ease Does Not Determine Legitimacy
In the IT world, we can access data quicker and with a fraction of the effort required three decades ago. And with that quicker and easier access, comes responsibility. Just because data and systems can be accessed with relative ease, it does not mean that they should be accessed; or that the ease of access implies a right to access.
The need to respect boundaries and privacy of data is just as important today as it was before the widespread introduction of computers, and the internet. 60% of data breaches occur because of internal vulnerabilities, and no business can afford to ignore the risks.
Security Management is not a bunch of tools and equipment; it is an acquired mind-set and way of thinking. Your local IT geek or team, for the most part, spend their career making systems and data more shareable and accessible. For the most part, they are unaware of what they don’t know. Many will adopt offsite or cloud services for their clients, without little or no due diligence, other than reading the marketing hype.
Over 90% of security breaches that I get called to look at, could have been easily avoided with an active internal company security policy and a properly managed network.
The principles in Microsoft’s 10 Immutable Laws of Security Administration, published in 2000, are for the most part still relevant today.
“Law #7: The most secure network is a well-administered one
Most successful attacks don’t involve a flaw in the software. Instead, they exploit misconfigurations.
The most important tool here isn’t a software tool—it’s procedures. Having specific, documented procedures is an absolute necessity. As usual, it starts with the corporate security policy… The more specific these procedures are, the better. And write them down!”
I always advise having a proper security audit carried out, to determine the level of risk in your business.

Eric Donn
Share this Article:
Recent Posts

Ease Does Not Determine Legitimacy
Ease Does Not Determine Legitimacy In the IT world, we can access data quicker and with a fraction of the effort required three decades ago. And with that quicker and

DNS Server Management | Product Brief
DNS Server Management DNS Server Management is a specialised service for managing Domain Name System (DNS) connected devices, services and resources. In short, DNS translates alphanumeric web and email addresses

Chasing Ghosts: Why Some Technicians Waste Time
Chasing Ghosts: Why Some Technicians Waste Time There is a phenomenon in IT that I call “chasing ghosts”. This is where technicians spend time and energy trying to solve “phantom”