William Malsam
Business2Community
April 12, 2014
Increasing Vulnerability
It seems essential that modern businesses utilize technology as a means of generating effective administration tools and an online presence. And, as companies rely more and more on the Internet and commercial websites, they become more vulnerable to threats from hackers and cyber-criminals. Today, businesses have more to fear than just masked thieves, they must also be aware of invisible, online threats that may be accessing crucial information.
It’s Only Getting Worse
According to a study published in March 2014 by the non-profit corporation RAND, black and grey markets that provide access to hacking tools, services and byproducts continue to grow at an alarming rate, creating concern for companies and individuals. Lillion Ablon, the lead author of the study, claims that “hacking used to be an activity that was mainly carried out by individuals working alone, but over the last 15 years the world of hacking has become more organized and reliable.” [1] Although defense systems have become more sophisticated, hackers continue to adapt and succeed in their crimes.
How to Prevent External Intrusions
It’s important to protect your business from hackers and intruders on four primary stages: the system level, the network perimeter, the cloud interface and mobile devices. On the system level, encryption and human interface devices (HIDs) can be used to provide fundamental security. For the network perimeter, consider using firewalls, malware filters, data leak prevention and spam filters. For the cloud and mobile level, also consider firewalls, malware filters, but maybe include DDoS mitigation and anti-spyware technologies. These are only a few possible preventative measures to avoid external intrusion [2].
How to Thwart Internal Threats
In order to thwart inappropriate data leaks to your own employees, consider hiring a quality assurance company. Quality assurance companies can simulate the experience of a user on the local network and explore that user’s levels of access. I spoke with Sam Benihya of NRG Global, a Los Angeles-based firm that provides software quality assurance solutions and services to discuss this simulation process. “The tests make sure that a user who is not supposed to have access to certain information does not have access to that private information… We have robots that simulate how a person would interact with the application. It’s very advanced technology. Quality assurance allows a company to fully know the ins and outs of their network,” said Benihya.