Keeping Data Secure Is Tougher than Ever
New ways of collecting and analyzing data are creating new opportunities for companies to gain an edge over their competitors and grow their profits. But while data has the potential to create profits, it also has the potential to take them away. If hackers get their hands on your company's data, they can wreak havoc on customer relationships and cause tremendous damage to your brand and reputation.
Security Threats are Proliferating Fast
One thing I've learned during my tenure as editor of eSecurity Planet is that security threats are proliferating so fast, it's tough for even the experts to keep up with them. The most disconcerting thing about high-profile breaches like those at Target and Neiman-Marcus is how long it can take to discover them and how difficult it can be to pinpoint specific methods used by attackers. Hackers themselves have trouble keeping up, as evidenced by a hapless group of attackers who boasted of breaching a British bank website only to discover they had actually attacked a phishing site.
Does that sound scary? It is.
Here is something that may make you feel a little better. (Or it might make you feel worse, depending on your security posture.) Because there is so much low-hanging fruit, hackers tend to focus their efforts on obviously insecure trees.
My goal as editor of eSecurity Planet is to offer advice that companies can use to eliminate the kinds of security gaps that hackers love to exploit. Recently, for example, we published a piece that contained six tips for fighting SQL injection, an attack technique that experts believe is involved in the overwhelming majority of data breaches.
Security Tips: Control Weak Passwords and Train Employees
Weak passwords are another well-known security risk. Yet many users opt for convenience over strength when selecting their passwords. Luckily, there are a number of tools that can help security professionals enforce password policies – a number of which we included in this recent article.
Training employees on security is an obvious best practice, but it's one that a surprisingly high percentage of companies ignore. It's especially important given the large number of employees who admit to practices such as not using passwords on mobile devices used for work. Given this, we collected some suggestions for offering security training that actually works. Targeting training to specific groups of users rather than giving the same presentation to everyone was just one of the good ideas in this piece.
Traditional Network Security is not Adequate
Of course, low-tech practices like employee training only go so far in solving your security challenges. As threats have become more sophisticated, so has the hardware and software designed to help companies detect and mitigate those threats. Because experts agree that traditional perimeter-based approaches to network security are no longer adequate to protect today's mobile workforces, we produced a deep-dive on next generation firewalls, complete with case studies and a handy product comparison matrix.
We also strive to offer coverage that goes beyond the angles that you can readily find elsewhere. Just about every publication spotlighted the XP-related security risks for PCs still running Microsoft's aging operating system. But eSecurity Planet's Sean Michael Kerner took a look at the world's ATMs, the majority of which run XP, to find out if banks – and their customers – should be worried about XP's end of life.
I am nothing if not a realist, so eSecurity Planet even offers coverage that can help you respond effectively to a data breach and minimize your losses if one does occur. If you worry about securing your company's data – and who doesn't, these days? – check out eSecurity Planet.
Ann All is the editor of Enterprise Apps Today and eSecurity Planet. She has covered business and technology for more than a decade, writing about everything from business intelligence to virtualization.
This article was originally published on April 17, 2014
Stay up to date on the latest developments in Internet terminology with a free newsletter from Webopedia. Join to subscribe now.
From A3 to ZZZ we list 1,559 text message and online chat abbreviations to help you translate and understand today's texting lingo. Includes Top... Read More »Huge List of Computer Certifications
Have you heard about a computer certification program but can't figure out if it's right for you? Use this handy list to help you decide. Read More »
Computer architecture provides an introduction to system design basics for most computer science students. Read More »Network Fundamentals Study Guide
Networking fundamentals teaches the building blocks of modern network design. Learn different types of networks, concepts, architecture and... Read More »The Five Generations of Computers
Learn about each of the five generations of computers and major technology developments that have led to the computing devices that we use... Read More »