IT Security Blog

Keeping Yourself Safe in a Technological World

By

Unfortunately, every day there are new threats that make themselves known in the world. Even though there are many that have been foiled in their attempts to steal, kill and destroy, there are even more threats out there that lurk beneath the surface and wait to pounce on unsuspecting subjects.

keeping safe in the digital world

Many of the dangers of this world don’t have to do with technology or the internet, as muggings still happen every day. Rapes, robberies, battery, and murder will never go away as long as there is evil in this world. The unsettling thing about danger is that as the world grows in number and technological advancements, so too does the amount of crime, only now, it’s not limited to the physical world. [Read more…]

IT Security As Related To the Real Estate Industry

By

Information technology in general is important across basically all industries these days. But, because there are different types of sensitive information, and different ways that information can be used for you, against you, and to manipulate you, there are different sets of protection and regulation in specific circumstances.

For instance, in the real estate industry, particular care and specificity is involved in with things like regulatory agencies, protection against hacking, bankruptcy involvement, best practices from client and consumer standpoints, and being sure to pay attention to mail legitimacy.

IT security in real estate
[Read more…]

Information Governance

By

 

Before there was a Bill Gates or a Steve Jobs, most companies relied on typed records, carbon copies and hand-written notes to store data and valuable information. If the boss needed to check an employee’s work history, he would simply ask his secretary to pull the file folder from the wall of four drawer, steel filing cabinets. The system worked pretty well before we had computers and the digital world replaced the paper world.

Today, almost every document has been copied, scanned or otherwise reduced to a digital record. IT managers are charged with the responsibility of designing systems to create, store and access that data. They, along with the executives and managers who run the company, must be able to account for that data whenever it is needed. Electronic data may be stored on the hard drives within an organization or it could be out there in the cloud. [Read more…]

Levels of Confidentiality

By

Information that is sought to be protected by companies is typically categorized into different levels of confidentiality.  Confidentially pertains to the prevention of disclosing information to unauthorized individuals.  IT security therefore involves making sure that information is released not only to authorized individuals but to individuals who have been specifically authorized for such level of information. 

When information is designated as public, such is expected to be shared without restriction.  These information are presumed not to present any potential harm to its owners even when widely disseminated.  In general, there should be nothing to prevent the sharing of public information. 

Some information are categorized as sensitive.  Sensitive information is released in a controlled manner to a specific group or groups of people.  These people are typically on a need-to-know basis and those who have no business knowing should not get their hands on it.  Since these information are not completely private, there are bound to be some problems with control which is sought to be prevented by identity authentication and specific authorization measures. 

Information that requires the highest level of confidentiality are those categorized as restricted or highly confidential.  The improper disclosure of such information is expected to expose its owners to serious risks.  When restricted information is unnecessarily disclosed, the need for extensive damage mitigation may arise.  The information leakage also warrants investigation so that any further disclosure of information of the same nature will be avoided and prevented.  IT security highly depends on the people having access to critical information.

IT Security Policy for Employees

By

Locked Out by Truthout.org

Information technology or IT continues to serve the needs of a business from start to the processes of change that it is required to go through as it expands.  It is a necessary occurrence for increased IT security to be needed as businesses grow.  Companies can protect themselves better by laying out the fundamentals of IT security through policies.

Every company operates on its own level of security in the aspect of technology use so it would be impossible to have complete uniformity between company policies.  The most basic components however are essentially the same.  Such components deal with maintaining data security discipline among employees and providing for the official use of the business equipments provided. 

Electronic mail or simply email is deemed an official form of communication between the company and the customers thus it is important that those who are sending it are authorized to do so.  Companies generally have the right to review online communication of employees done through company facilities which give them the chance to intercept and prevent communication which are contrary to company policy or puts the company at risk or danger.  This right however has to be legally backed up by carefully worded terms and conditions.  Most companies also include automatic disclaimer in email contents. 

Employees need to know what constitutes transgression of company security if they are to be expected to act accordingly.  There is also a need for policies to undergo periodic checking and evaluation to ensure that they are current to existing conditions and technologies.  Employers must have access to sanctioning violators of IT security policies so that employees fully understand the consequences of their actions.  Clear-cut written words that have sound legal basis provides the foundation of every IT security policy.

Telecommuting Woes???

By

telecommute.jpgResearch has shown that a survey conducted within a large company shows that although telecommuting is very much productive for many firms it tends to be on the downside for those employees who do stay within the physical office itself. This can be in the areas of personal assistants/secretaries and other office workers who are left to run the office in the absence of their counterparts/coworkers. This leads to dissatisfaction in the workplace hence lowering productivity and encouraging home-bodies to engage in dangerous liaisons from within and outside of the office.

The hatred felt is seen in the rising occurrences of these same people becoming the entry point for attacks on corporate networks when they visit social sites to pass on the otherwise boring day. This is also counterproductive for their attention to work and the other nuances such as physical security and IT security is so much a threat that it is under study on how to improve the working conditions for these people. They are distracted and left to do almost anything they please which is where the security gap seems to be, using the corporate network to access social sites to which they are members of. Even the installation of hardware and software security measures cannot guarantee security coverage at all angles for the main security risk is still the human behind the keyboard who does the typing and not on the structure of the system itself. It might be helpful to get them out more often to allow their facilities more practice letting the steam and pressures/boredom to dissipate. Role rotation may be a key but is not always feasible for there are certain knowledge associated issues that have to be addressed to be able to do that. Training and re-training people allows them to sharpen skills and add new knowledge to their already bored lives.