I’ve argued, for some time, that laptop and mobile device encryption should be an absolutely standard security measure – mobile devices will get lost or stolen, and boot disk encryption is the only realistic way of protecting against the risk of someone accessing data or using the device to access your network. In fact, my company now has published Green Papers on the subject of Encryption, and we’ve recently become Sophos and Symantec distribution partners. Device encryption is a security measure as fundamental as fitting security bars to a shop window in a dodgy neighbourhood (and, believe me, the Internet is a seriously dodgy place to hang out).
Vulnerability scanning and penetration testing is now just as fundamental – it’s a bit like doing a routine inspection of your various perimeter defences (security grilles, door and window locks, fan lights and cat flaps) to make sure they’re still doing their job – after all, rust, a loose screw, a broken key or an incorrectly shut fan light window could give a cat burglar an illegal ingress opportunity – in much the same way that an unpatched website vulnerability or inadequately secured firewall will allow free access to your networks by a cyber hacker (most of whom are way niftier thayour a average cat burglar) – where they may sit, undetected, for months on end, waiting for valuable data to come their way.
Would you be happy to have a ruthless burglar living, undetected, in your attic? No? So why allow them to hide inside your corporate network? Start routine vulnerability scanning and penetration testing today…….confirm that the windows are actually locked and that you’re hacker-free.
