Secure? Or not Secure?

Is anything less than 100% OK when it comes to your computer security?

You would think that everyone out there is answering that question with big fat “no”‘s and quite a few “hell no”’s. But that isn’t what is happening in the real world. Many companies buy a marginal firewall, subscribe to an anti-virus program that updates every day or so. They allow USB’s, and all manner of portable media, they don’t enforce policy to keep pirate and unlicensed software out and generally think, “it won’t happen to us.” Then when it does happen, they say, “Well, we did all this, why?”

New viruses are introduced to the internet today at a staggering rate. Zero day malware peaked recently at over 60,000 in one day. Daily average of zero day malware over the last several months is consistently well over 30,000 per day. Those numbers equate to needing a new malware signature every couple of seconds 24 hours a day. How does a network manager keep up with that?

“Oh, by the way Khun IT guy, “my printer doesn’t print and accounting said their software wasn’t working and I’m downloading this file and it’s taking all day and you need to move Somchai’s computers to his new office and Bob, the new guy needs an email address and…”. You get the picture.

Well, if Khun IT guy really did keep up with security on a network of even 50 or 100 computers, he would need at least one more staff dedicated to nothing but monitoring attacks, updating signatures and flagging spam. And that’s around the clock, so either cut your network off the internet after business hours or you hire two more people to cover the night and graveyard shifts. Don’t forget your anti-virus, anti-spam and intrusion detection engines and signature databases have to be state of the art and constantly updated. (There are something like 7 million virus and 19 million spam signatures floating around the internet, ask your anti-virus company how many they can identify AND block.)

Now, you say, “We can automate all that stuff, can’t we?”. You can – to a degree, but where can you get anti-malware engines that have been tested and proved to block 100% of the current WildList™ viruses, trojans and worms? How capable are your IT people with internet security? And is someone watching your network 24/7/365?

Is your data worth it?

The question really comes down to your data. Is your data worth 100% security or is “good enough – good enough”? Only you as a company manager can determine if losing a day or a week of email is worth the risk. Think about the most important files stored on your computers, contracts, design files, customer lists, quotations, bank information, AR reports, financial reports, employee data, pricing data – what is the impact on your business if you lose any of these? Or if any fell into your competitor’s hands? Your customer’s hands? Regulators hands? But, you will save a few hundred baht every month, won’t you?

There is a solution – 100% virus catch, intrusion protection, data leakage protection, VPN’s, regulatory compliance and about a fifteen more things that Khun IT guy can’t do even on his best day.

If your data is worth protecting to 100% give us a call. If it’s only worth 80%, 90% or even 99%, stick with what you’ve got. Call us after you lose some, we’ll be here and help to pick up the pieces.

From the somewhere in Manila, Philippines  – Vic Rollins

[First day malware quote]

[Tolly Group report on Network Box test]

[Spam numbers and Z-Scan]

This entry was posted in Technology. Bookmark the permalink.

Comments are closed.