Request Information
1.877.459.4347

Request Information

or Call 1.877.459.4347

Evolve IP’s Scott Kinka Responds to the Latest USA Today Article

September 29, 2014 / Scott Kinka

USA Today recently published research showing that 43% of companies have had a data breach.

My response?

It’s an interesting article. Unfortunately, the only actual “reason” mentioned in here is human capital. Front door attacks are designed to fool end users into giving away the keys to the kingdom. And even more unfortunate, is that there is little that we can do on the network security side to ensure that people aren’t fooled.

Many people try to migrate to the cloud rather than start fresh there, which perpetuates many of the hidden dangers of their previous architecture. That’s certainly one thing to leverage. But if you look at this article, it accounts for at most 20% of the breaches. The remainder are employee negligence… Could they have put IT department negligence in here? Possibly, but it doesn’t gel with the point of the rest of the article.

I think the second thing to think about is that resources used in the cloud are easily provisioned, easily torn down and don’t reside on local equipment, so, at the very least, it eliminates or reduces the human element of leaving a laptop behind, physical security of a data center, not locking a local desktop, etc. This is all also happening in an era where BYOD is becoming the norm. If someone doesn’t have a password on their iPad, they receive an email with customer information, and someone picks it up at Starbucks, is the company to blame? Or the employee? Or both? Which leads to Mobile Device Management…

MDM is going to start to drive the discussion in the next few years. Again, you can’t stop people from being purposefully negligent, but you can prevent them from being careless. No password on your iPad, no access to corporate data. Remove your password, wipe all corporate content or the whole device. You also have to consider what applications the business allows for use on these devices for IM, social media, etc., which are now increasingly becoming targets for phishing attacks.

Another topic that has been around forever is DLP (Data Leak Protection). People really haven’t understood what it is and how to use it, but with these numbers swinging so dramatically towards people as the cause of breaches, companies with compliance concerns will be forced to consider a stance on DLP. There are simple solutions that can be added to email servers and other data “exit” points that are not difficult, and can live in the cloud.

Most importantly, it’s education. Companies are just not taking the people element seriously enough. Companies with compliance risk will need to have cyber education programs for employees to identify and understand how hackers are trying to leverage them as a security breach. I fully expect that governance around corporate education may find its way into HIPAA and PCI regulations in the next few years.

How can we leverage all of this? We have to deal with these kinds of issues every day. And while we all may not have easy to buy services yet for all of these items (although several will be released this quarter), we’re watching and are ahead of where our customers can be.

Categories: Security & Compliance
Listening To Needs. Solving Complex Challenges.

Helping enterprise IT focus on business results, not infrastructure

  • One of the nation’s largest and fastest-growing dermatology businesses estimates savings of $6.45 Million over 5 years

    View Case Study

    “Evolve IP’s digital workspaces have allowed us to acquire more practices in a faster and more profitable way. That is resulting in bottom-line cost savings and top-line business benefits.”

    – Jeff Francis, Vice President of IT USDP

  • International Law Firm Drives Communications Reliability Across 60+ Worldwide Locations and Saves Over $300,000 a Year

    View Case Study

    “That’s the type of proposition I like to bring to a Board of Directors. When I can say, ‘we can get everything new, be completely redundant, it can meet all of our needs and oh, by the way, we are going to save over $300,000 a year.’ It makes it easy for me to sell!”

    – Ken Schultz CIO of Ogletree Deakins

  • Financial advisory firm enables employees to Work Anywhere with an integrated platform

    View Case Study

    “The transition has been almost seamless to our folks, working from home full time. My team looks like heroes right now.”

    Ryan Easter, Director of IT and Principal at Johnson Investment Counsel

Simplify and future-proof your technology footprint with Evolve IP

It's nearly impossible to stay on top of every change in technology. Partner with Evolve IP and gain the combined experience of hundreds of technologists, all acting as an extension of your IT team. Helping you do more with less.

close

Contact Us

or Call 1.877.459.4347