As recent media scrutiny of
Facebook's breach of privacy has highlighted,
the biggest challenge facing UK businesses today is IT
security, writes Graham Fern, MD of
www.axon-it.com.
As a business becomes increasingly reliant on the data on its
systems, it faces
ever-increasing threats to the network and data integrity, and
this will continue to rise as long as the need for more efficient
technology rises also.
We all pick up on issues in the media regarding internet usage
and
the security of our electronic data that we store or transmit
to third parties, and these perceived issues are almost the same,
it's just the scale of the solution that differs and therefore the
cost.
It seems today
many users are complacent about their computer security needs,
as they become too reliant on the services and advancements of the
technology world to protect their data.
Computers and data will always be at risk if you don't take
reasonable steps to protect it. Would you leave the front door
to your house open or unlocked whilst you were out for the day? Of
course not, but this simple analogy holds true to computers and
systems at risk if you leave the door wide open.
Some simple steps will effectively reduce the risk to an
acceptable level. However, a committed burglar will gain entry in
to your house despite what measures you take, unless you spend an
extraordinary amount of money on your security systems and even
then there are no guarantees. So to protect our data, we must
accept a small amount of risk without
spending very large amounts of money, and unfortunately the
risks are quite real.
The use of professionally written, intelligent, extremely
powerful and well-executed viral code is becoming widespread.
Infections today are less openly destructive than they used to be
as the writers now know that they can extract
useful and valuable data that has financial worth, like credit
card details. Infected machines have allowed these unscrupulous
people to undertake money laundering, fund terrorism and other
criminal activities. These attacks are not just limited to small
time ad-hoc efforts but they can be streamlined targeted affairs
for a particular purpose.
As an example, during the recent American presidential
elections, unsolicited e-mails with convincing subject matters
where directed at party members involved in the campaign in an
attempt to quietly infect the users computers and capture all their
e-mail traffic and data contained within the PC. One can only
imagine what that type of data could be worth to the highest
bidder. So this type of criminal activity is rapidly becoming
mainstream, the number of detected viruses over the past two years
is almost equal to all the viruses detected since they started
recording such information.
It doesn't stop there.
Mobile devices like phones are the latest target. Infected
phones can be controlled without the owner knowing. This can
include turning on the microphone remotely to listen in to
conversations in a board meeting, turning on GPS and tracking every
movement and reading text and e-mail messages.