There is much that can be said about security and so much of it is confusing. Sometimes I wish there was one of those books about security for, well you know, “dummies.” So, when I deal with companies and they ask me about security I try to break it down in terms and in ways that we all understand. I often use the analogy of my home.
My home security is set up in layers and when we think about security we should think about it in layers. The more layers of security we have, the more protected our home.
The first layer I have is lighting. I have lights on the outside of my house. People that are looking to case homes for break-in will say, “hey this guy at least understands security enough to make this challenging.” I’m not going to make it dark and easy for you to just walk up to my house and think you’re going to get in.
Next layer is the lock on the front door. How big is it? Are there multiple locks? Is it just a simple lock or is it a deadbolt? Perhaps they see a good lock and move on to the windows. Let’s take a look at the windows. What kind of windows are they? Are they easy to open? Can I force one open with a simple knife or an easy tool?
I have window sensors. If you go up and you look in my windows you’re going to see a sensor. That sensor says if you open this window an alarmed will go off! Now, do you want to take the chance? Fact is everything I do from the outside towards the inside is painting a picture that this isn’t worth it. I have big dogs- my internal security- running around, who at the slightest sound they’re going to be all over it. I also have a pretty expensive alarm system that if anything gets opened up the alarm is going to go off and contact the police.
I’m creating layers. Layers of security each one in and of itself doesn’t stop someone from breaking in. Each one of them only slows them down or directs them to somewhere else where that alarm will sound, and the police will be called. Layered Security is how we secure our homes and it’s how we need to see security for our businesses.
This can start by making right choices. Sometimes it’s just buying an enterprise level solution instead of a consumer grade unit. You get what you pay for with security! Sometimes it’s about putting smart passwords or password policies, keeping systems patched and up-to-date, looking at event logs, and/or having your systems monitored. Finding where they can come in and stopping it before they try! It’s about properly protecting our data with smart policies and decisions not all of which are expensive. In the 15 years that I’ve been doing this I have discovered that most companies don’t follow good procedures. But I’ve also found that they could, and it wasn’t always expensive to do so. Security doesn’t have to dominate your IT budget, but it definitely needs to be a part of it.
I read a statistic that said that 90% of companies that have a major data breach don’t survive the destruction that it causes, whether that’s true or not I’m not sure. Even if that is nowhere near that percentage that’s too close for me to not get it right. Looking forward through 2019, protecting our data is going to be more and more important. If we lose our data, we lose our business, so we have to protect it. Protection doesn’t have to break the bank and if we start making right choices now it can lead to a big difference overtime. You can’t expect one thing to fix everything. No Anti-Virus stops it all or firewall is perfect. It is the layers throughout the system that work.
Jason McClaflin, Owner JEM Network Consulting, LLC« Back to Blog