Information is pervasive, and although that provides major benefits for an organization, all that data also creates a strain on an intrusion prevention system and security intelligence strategy. But knowing your key challenges can help. Focus your firepower on these five major areas:
A recent survey from Dimension Data found that 77 percent of IT professionals surveyed reported security and privacy as the top challenges when implementing a mobility strategy. And 90 percent of respondents admitted they weren’t able to prevent employees from accessing enterprise systems from their personal mobile devices.
Security adjustment: Mobility has become a key driver for business, but that doesn’t mean it has to sink your data security controls. Develop strong authentication for mobile users and then take a look at your access policies. Employees should get access based on position, location, and device type, in addition to other factors determined by IT.
2. Cloud computing
Data stored in the cloud can range from employee records to customer order histories. With the constant flow of information in and out of the cloud, it can be tricky to implement a thorough security plan.
Security adjustment: Be sure to collect logs from applications that are deployed in a cloud environment. Many organizations overlook access information from Software-as-a-Service (SaaS) applications, but this type of log data can be crucial for preventing intrusion.
3. Social networking sites
Securing social media in an organization goes far beyond password controls or access restrictions. IT has to recognize the growing importance of social media as a business tool and allow access. Yet, that free communication certainly has its risks, especially in terms of governance and compliance.
Security adjustment: Start with a strong, enforceable policy. Research firm Forrester reported in its “CIO’s Guide to Establishing a Social Media Policy” that a significant number of security and risk professionals have no social media policy in place. Those that do have a policy lack tools to sufficiently enforce and support the policy. Make sure you know which tools and policies work, and most importantly, crack down when needed
4. Big Data
The profusion of data across multiple device types has created an ever-increasing volume of unstructured and structured data. This explosion, known as Big Data, brings opportunities for greater insight into business information; it also presents new challenges when it comes to security.
Security adjustment: Consider a converged infrastructure system. This type of setup can help to detect more security issues, run more efficiently, and find threats faster because there are no gaps in networking, data collection, and data integration. Learn more about converged infrastructure here.
For organizations that deal with online payments and retail transactions, fraud prevention is a vital component of security as well as regulatory compliance.
Security adjustment: Conduct a fraud risk assessment by division or function. For example, drill down on fraud risk for finance and accounting and do a separate assessment for payroll. This approach allows for better control and more proactive fraud prevention.
Get help when needed
Staying on top of security is an ongoing task that can get more complicated in today’s fast-changing environment.
But by knowing which risks need to be mitigated, you can develop better controls and optimize business intelligence. Learn more about increasing your security measures with a security architecture review.