Thursday, December 6, 2007

Are you really secure?

This afternoon I'm on the security panel at the Atlanta ITEC show. I've been fortunate to be on this panel this fall at the various cities that ITEC has visited, and one thing is certain, IT folks really don't grasp the real security issues in their company.

Sure, they have firewalls, filters and even encryption, but many have no idea on the threat from data loss from USB sticks, iPod's or any other device that can connect to computers in their company and have some sort of storage on them. Heck, even a camera can mount as a storage device. And with a 2 or 4GB card in it, a lot of data can walk out the door.

Another major hole that folks don't think of is the security surrounding their PBX. Next time you are in the office on the weekend, check out the extension lights and see how many lines are in use when the office is closed. That will wake ya up! Got an old modem hanging off of a server somewhere? What about that PC that's driving your printer spool? That one came in from a vendor and its sitting on your network.(!)

When people are on the road, think about all the data that is on their laptop, in their bag or on their phone. What if it fell into the wrong hands? If laptops are reported stolen, etc. how quickly do you change passwords, VPN's, etc.?

I had an iPod stolen years back - and I used that iPod as a handy little backup of my laptop. HUGE MISTAKE. Changing everything was a royal pain in the ass, and you can bet I don't do stupid things like that again. I got lazy, and paid for it.

No comments: