With the recent coverage of the security breaches at major retailers and medical providers, have you considered how secure your electronic information is? If the data stored electronically in your facility was breached, what would the potential impact be? Would you lose customers, lose intellectual property, have employee records compromised?
Unfortunately, it isn’t just large companies and financial institutions that need to be aware of the risks to their data. Increasingly, smaller firms have come under attack and have been compromised, and it isn’t just credit card numbers or banking information that hackers are looking for. Manufacturing intellectual property is now at significant risk.
As the investigation into the major retail breaches continues it is now suspected that one breach was the result of lax security at an HVAC contractor. In this connected world we live, many of our networks are connected to outside vendors. In this case the HVAC units are controlled through IP networks. The IP network of the contract was breached, and since they were connected to the retailer, the hackers were able to find a ‘back door’ to their network. The lesson to be learned here: ask for the security audit documents from those who ask to connect to your network. No security audit protocol in place? Then be very suspect of allowing any access.
If a hacker penetrates your business network and is able to retrieve banking information and use them to remove funds from your accounts, the bank may not be liable for this breach. There a several cases making it through the court system with mixed results. Your best course of action is to implement the proper security controls within your organization.
The Security Practice at ENS Group has been diligently developing solutions to help protect our clients and we can now offer Security Information Event Management (SIEM).
With SIEM from ENS Group we will monitor the logs of your critical security devices, such as firewalls, which will provide us alerts when an attempt is being made to compromise your network. In most organizations, no one has the time to routinely evaluate and examine the security logs of these devices thus an organization would be unaware that an attack is taking place until it is too late. With proactive SEIM ENS Group will be alerted when attempts take place and we can work with you and your staff to mitigate them and prevent them in the future.