Mobility and content securityMobility and Security
By Chris Angione, BDEE writer
Business today is conducted 24/7, without the need for physical presence. Technology has allowed us to take this massive step forward, but with it comes a whole new set of problems. This is our new world; and it requires a new way of thinking
When looking at technological advances it is important to look at historical constants. These constants are pure human initiatives. The human urge is strong to advance, to become something better, and to push ourselves to the last possible extreme. Well, until tomorrow at least. To serve as example we need to look back at some of the most profound technological advances in our recent history.
In 1783, the Montgolfier brother left the confines of solid ground in the world’s first manned balloon flight. But it took another 120 years for the world’s first powered flight to be conducted by the Wright brothers in 1903.
Now here comes the really interesting part. Once a major breakthrough is established it is only fitting that we revert back to what we humans do best. We reinvent the wheel over and over again, expanding, re-evaluating, redesigning, increasing efficiency and pushing the envelope of the new technology’s limits.
Wait only another 54 years and the USSR launches the world’s first artificial satellite, the orbital communications buoy Sputnik in 1957. Add a mere 12 years and the first human walks on the surface of the moon in 1969. Just seven years later we leave our own planetary gravitational pull by exploring Mars with survey machines after their first landing on the red planet in 1976. What does all this prove? That humans are inquisitive, driven and sometimes reckless.
Later technological leaps even when compared to those mentioned above are by no means anything less astounding. Especially when taken in the context of the way the world does business in our new global community. Although we like to hold true to our values of family and culture, we do not speak the same language as our forefathers with regard to business life, nor do we do the same things, think the same things, or conduct ourselves the same way as our great grandparents, grandparents, or even our parents for that matter.
We have been plunged into a new age of dealing with the world as a whole. There are no longer any definitive regional boundaries to business. With the advent of new technologies it is as easy to do business with individuals halfway across the globe as it is to do business with you next door neighbour.
Go to any technology expo and you will hear seminars by professionals from India to New Zealand, China to Hungary, Korea to the Czech Republic, Belgium to Germany and the United States. There will be little discussion of “how we do business in my country”, but rather “how we can do business together”.
Since the end of World War II and the ensuing cold war tensions surrounding the 1950s and the launch of Sputnik, the world community has been scrambling to unleash new information gathering and coalition systems to make us all more aware, more knowledgeable, and more capable in this new world age.
Very soon after the war’s ugly flares of muscle ARPAnet the world’s first multiple site computer network was created in 1969, with the tying in of university mainframe computers across the United States. But this was again not enough and grew to the incorporation of satellite-based packet networks and ground-based packet networks. Knowledge is power and we all wanted to satisfy our insatiable appetite for it in order to feel more safe and secure.
How quick is quick?
As the devices we use become smaller, more powerful, more reliable and more portable, the ability to work how we want, wherever, and whenever we want has taken hold of our business lives. Teleconferencing, videoconferencing, email, with voice, data and document transfer to and from any location across the planet instantaneously is simply commonplace now. There are no longer any limits to our capacity to conduct business.
For instance, let’s look back at the inception of email.
According to Albert Vezza in Applications of Information Networks in 1978: “It soon became obvious that the ARPANET was becoming a human-communication medium with very important advantages over normal mail and over telephone calls. One of the advantages of the message systems over letter mail was that, in an ARPANET message, one could write tersely and type imperfectly, even to an older person in a superior position and even to a person one did not know very well, and the recipient took no offence. The formality and perfection that most people expect in a typed letter did not become associated with network messages, probably because the network was so much faster, so much more like the telephone.”
Later in 1993 larger service providers started to connect their email systems to the internet beginning a large scale adoption of internet email as a global standard.
To truly appreciate the correlation, you should know that basically a spider’s web is composed of two entirely individual types of thread. One is sticky and is used like a trap to ensnare prey while the other non-sticky type is strictly for the constructional stability of the web. “Internet technology conducts itself in no less a fashion as does a living organism. It learns, adapts, grows, and unfortunately it eats as well,” says Thomas Jackson, information technologies director of BioSan Laboratories.
The aptly named worldwide web actively demonstrates both those aspects of the spider’s web. It is home to our business formation, with its files, documentation, data and proprietary secrets, and is also the sticky net that is poised to trap and consume our efforts.
What happens when the web goes foul?
Our business data is undoubtedly the greatest asset we possess. We could be increasing profit share and with the same actions we could be sinking our profitability. For every advance we make we open our business playing field to those who desire not to play by the rules. Every time a company becomes more successful it becomes more of a target.
This struggle is fought every moment on the internet playing field by a number of different combatants. To address the major components we must look at straight hardware failures, those parties that look to exploit our information to their gain, our own labour force, and our ability to secure our own information systems from misuse and intellectual property theft.
In the event of a failure what will ensue if unchecked, is a crippling of our market strength by both freezing our inner workings, making us unable to progress and service clients, and turning productive business time into cash draining and time wasting disaster recovery operations.
Unauthorised misuse and theft
There are many terms that associate themselves with misuse, theft and attack. Headlines in the IT field have been plastered with the terms; virus, scam, phishing, data cast tapping, spam, spyware, keystroke logging, wireless connection theft, and definitely the most invasive and insidious, hacker.
It is proven that the more sophisticated the technology becomes, the more sophisticated the thieves become. It is a daunting effort to try and stay ahead of the curve. More often these days that curve crashes and sweeps well intentioned business out to oblivion.
“There’s no such thing as safe surfing anymore,” Dennis McCabe, vice president of business development at Wavecrest Computing warns. “It’s important to protect your network against spyware before it becomes a problem. The best way to do that is by monitoring user web activity in the workplace and if possible, blocking access to high-risk spyware sites, especially those offering free games or utilities.”
McCabe lists other concerns within our walls as with regard to unchecked surfing: “Misuse of the internet can be very costly. Companies can face lawsuits if employees access pornography in the workplace or download copyrighted material illegally on corporate networks. And then there’s lost productivity – it’s harder to quantify, but it is a significant drain on corporate resources.”
A follow-up study to the American Management Association’s annual survey on monitoring and surveillance reported that fears of legal liability related to “hostile workplace environment” concerns is the number one reason companies track employee emails, computer files and internet use. The study, conducted jointly with US News & World Report, revealed that 15 percent of the companies surveyed have already “been involved in some kind of legal action concerning employee use of email and/or internet connections”.
Significantly, the study reported that if a company is accused of wrongdoing, federal sentencing guidelines establish that fines can be reduced by as much as 95 percent if the company “has concrete internal programs to detect and prevent illegal acts” – such as an internet-use policy and web use management software. The report continued: “If these capabilities are not present, fines and penalties can be increased by up to 400 percent.”
How can we survive and thrive?
This is more than simply a daunting task; it is no holds barred war. If we cannot accept the responsibility of this new war campaign, security ideas and your business’s future will be nothing but a fool’s errand.
We must become increasingly aggressive in our approach to these cyber threats. We must adopt the practice of at the first hint of abuse we must have the strength of purpose to immediately scrap the compromised system and rebuilt from scratch to ensure that unauthorised access has been thwarted and the blight obliterated.
But first, a few systems must be in place to ensure recovery and make these instances fewer and farther between.
One first element is the establishing of a secure storage system. Back-up, back-up, back-up, and then back it all up again but in multiple locations on and out off site. This is most effective when using a VPN network (Virtual Private Network) to accomplish this task.
Create your own custom firewall in a multiple layered platform environment, before your sensitive information is engaged. (For example: platforms can take the form of any combination of systems like Linux/Unix, Netware, Novel, Microsoft, etc.) Added security measures can also be enhanced by employing the usage of techniques such as Off site logging, intrusion detection, and honey pots, to name a few.
Guard against viruses, spyware and spam by installing virus/spyware/spam protection on your servers as well as on the individual desktops, so that all the analysis and blocking is accomplished and the threat is cleared on both fronts and your individual work files stand a better chance.
Clearly define your company’s policy and procedures. Then train and document your employees to verify their understanding and acceptance of these policies and procedures. This can help reduce your vulnerability to many forms of suits in the eyes of the law.
Even though your exposure to these cyber threats should be minimised with these steps it is still very important to remain active in encrypting your sensitive data when sending information via email and the like.
These are just some preliminary steps to help hold your information and your business operation from suffering an early demise. You will absolutely need to adopt a viral managed vulnerability program.
Implementing these types of security measures once and then sitting back thinking you are now truly safe will spell disaster as quick as not doing them at all. Your defences have to be more dynamic and more adaptable than those advances in IT that see your information as prey.
From the Montgolfier brothers to Mars and from ARPAnet to the global email standard, business and advances in technology are living and thriving hand in hand. If we do not look to adapt and grow with this new world paradigm we may just be swallowed by it. Keep pushing forward! Keep learning! Keep growing! Keep adapting. [Go Back]
|
