With recent revelations in the news about the capabilities of State-based agencies, and the possibility that almost any actor could use these capabilities, there is likely to be a renewed interest in increasing operational security for technical services and devices.
UNIFY Solutions welcomes the increased scrutiny that will be focused on risk management for IT security. We feel it is vital that enterprises take a holistic view to the risk under which they operate.
With the increase of use of Cloud-based services, well designed and implemented services will be certified to ISO 27001 or ISO 27017 standards. While this doesn’t guarantee a faultless security profile, it does mean that the service is operated to minimise risk of intrusion. It is worth finding vendors with a good record that keep improving their security practices. It is also valuable to understand the risk profile of the technical layers of services run by in-house IT.
We consider this as securing the back-door to services. Identity Management is another risk profile, and is more rooted in social/business practice than in technical. It is also vital to secure this “front-door” to your data, so only intended users can access critical data. In combination, there needs to be a balance between the two - there is no point having the world’s best physical security if you just let anyone in the front door to steal your television.
Please feel free to contact UNIFY to discuss any concerns you may have about your information security.