Your company has been hacked. Did you even know?By Ron Onur Aksoy
It’s a disturbing headline, isn’t it? And though you may not realize it, there is a very good chance that your company has experienced a breach without even knowing about it. Now, that’s not to say anything has been stolen, or that any horrible consequences are about to befall your organization: the stark reality is that you are vulnerable whether you’re aware of it or not.
For example, take the realities of cloud computing. The concept is simple: enable access anywhere, anytime for seamless connectivity and productivity. However, with this great functionality and opportunity for bigger and better things comes the scary part of cloud. The access that is given for all the good things cloud has to offer is also its biggest threat.
One of the primary challenges that most companies face is simply the lack of access management. Think of it this way: if a person works in the compliance department, that person should have access to compliance-based materials. Whether that’s reports, files, access to systems and applications, that access should be granted only on an as-needed basis. But that’s not always the case.
In many instances, as people move from department to department within an organizations—upward or lateral moves—the need to access information types changes with the position and job description. Therefore, with the previous example of a person in the compliance department, if and when they move to another department, let’s say Human Resources, shouldn’t their access to compliance materials be revoked? The answer is, of course, “yes.” The chances of it happening, however, are far less than you’d imagine.
That is not where this issue ends. Aside from employees having access to things they shouldn’t, there is a far greater threat for data breaches. How many contractors, consultants, temporary employees, people about to retire, and so on, have access to systems and files via the cloud? Most likely, far too many.
Now, if all of these people are still working at their respective tasks, great! Keep them working and producing. But what about the contractor who completed the job six months ago who still has access to files? What about the person who retired last year, yet can still log into systems long after the last piece of cake is served at their farewell party? Get the picture?
In fact, here is a perfect example. A good friend of mine told me about a colleague of his, a virtual CFO who works with a multitude of companies. That CFO left an organization, and yet almost a year later was still able to log into the company’s accounting software. And though no nefarious acts were carried out, and the CFO being a stand-up guy notified the company immediately so that his access could be revoked, this issue of access is of great concern. The potential for crime was created without a single bad guy “hacking” anything.
So, what needs to be done to fix this? Identity and Access Management (IAM) is one of the easiest and most effective ways to stop data breaches. And given that the latest stats show that 75% of breaches are from internal threats, the path becomes pretty clear as to what to implement first when contemplating a cyber-resiliency plan.
The threat is real and the partial solution is at least pretty simple. Making sure that there are roles and responsibilities assigned to access management is a great first step. Monitoring who accesses what, when, and for what reasons will at least paint an accurate picture of potential threats.
After all, the last thing you need is your financial data, internal reports, and more strewn across the internet for all to see. Because the worst headline will always be, “Your company has been hacked.”
Pro Network Promise
To our Customers
We promise a lifetime of great customer service and superior products and solutions that cut costs and increase value.
As a customer-focused supplier of network equipment, we take pride in delivering not just high-quality products and services, but also the IT equipment that is compatible with your other systems. We assess your business requirements, the overall needs of your operations, and then we leverage our proprietary software, partners, and certified compliance policies—all designed so that the equipment fits your requirements and your budget.
Our assessment process includes identifying what you need through internal focus groups and one-on-one meetings with you. We invite you to collaborate with us to fine-tune what is required to meet your business goals and budget. We also collect feedback to ensure our service has fully met your expectations and to establish communications with your dedicated account manager, if required.
At the end of the day, for us it’s all about our customers. Just tell us what you need and what your goals are, and we promise to do our best to fulfill all your requirements.
Exceptional Customer Experience
Big Brands + Best Service
Our commitment to delivering an exceptional customer experience extends to the brands we offer.
We work only with the top brands in the network hardware industry, building relationships with our partners to ensure we provide high-quality, genuine products. Our brands include:
1701 NW 93rd Ave,
Miami, FL 33172
+1 (786) 598 7911
Monday to Friday
9am - 6pm