Onsite
The last mile of information security
The "last mile"
Most organizations are aware that they must take steps to protect against a data breach or a cyberattack. Many have invested in security measures ahead of time, and hardly notice the work of the professionals.
Firms without continuous digital security consultants tend to only consider taking steps after a loss, and their costs are far higher than those who planned ahead.
Questions you need to ask yourself:
- Does your top information security team work together? Do the CIO/CISO, IT, and internal communications or employee relations leaders know each other? Are they working together to build a security culture up and down the organization?
- Is there regular communication among the IT staff and employees about the organization's information security training?
- Are all areas of your business involved in the digital security of the organization? Is it a part of the HR process? Is there accountability in all areas of document and asset management?
- Have you balanced access and security?
Are you "up to date?"
- Are you following the latest NIST protocols?
- Are you conducting yearly Nessus scans (or equivalent)?
Keep your objective in mind.
Cybersecurity is a "people problem." It's not all about the technology, but it is about making the technology easy enough to use that it becomes second - no, first nature.
This is the ultimate example of the KISS principle: keep it simple and secure. If your employees find your security protocols too difficult, they will ignore them.
An example comes to mind. The password protocol that many businesses and organizations use asks you to have a password that is complex. By that they mean it is over 10 characters, includes capitals, lower case, numerals and special characters, is not found in the dictionary and, just for kicks, changes every 30 days.
If that's your office protocol, think for a moment. No, better: walk over to a desk in your office and look in the top desk drawer, under the keyboard or on a nice yellow Post-it note on the monitor. You probably found that complex and secure password.
That's old technology and old ideas putting the keys to your entire business on the desk. Cleaning staff, maintenance and delivery people all have access to the heart of your business. Yes, you followed the rules, but the rules are out of date and have made you less secure rather than more secure.
We can show you newer protocols that are recognized and far more secure (NIST 800). We have systems and processes that will easily allow your office to work at peak efficiency with full security and very little time lost to protocols.
We give you the tools to protect yourself by making your people an asset to your overall security. It might seem difficult at first, but it's not nearly as difficult or expensive as having to rebuild your IT systems, and the trust of your customers, in the wake of a major breach that could have been avoided.
That's what we do.