Helping clients manage their technology for over 30 years.

Your Wireless Network: Signs That the Tail has Begun to Wag the Dog

network management - wireless networks have become the primary network

In many companies, the wireless capability added on to their enterprise network a few years ago has become some employees’ primary network.

It’s a development that signals just how quickly mobile devices are proliferating the workplace. The so-called “consumerization of business” changes the way we work — and our data networks have to keep up.

This transformation has been in the works for a while. In 2011, market analyst firm Gartner predicted 80% of corporate wireless network technologies would be obsolete by 2015. Gartner may well be right, given the findings of more recent research. Continue reading

IT Security in 2014: How You Can Protect Your Business

Virtual locks representing security

Most security experts — including ours at Quest — will tell you that it’s no longer a question of if attempts to compromise your data, apps, and/or technology infrastructure will happen, it’s now only a question of when.

So what can you do to protect your business in this age when it’s so tough to distinguish between trusted and threatening network traffic, when there’s no longer such a thing as a secure perimeter around your data, when the “attack surface” has never been greater? Continue reading

IT Security in 2014: Challenges and More Challenges

Glass chess pieces

Information technology has become a business essential. We’ve reached the point where our ability to thrive and succeed depends on key software apps and the technology (wherever it may be) that runs them, our access-from-anywhere to the Internet, and our ability to gather and analyze troves of digitized data.

The easiest targets
So important are these capabilities that we often put them into use before we’ve figured out the myriad of ways they’re vulnerable to those with malicious intent. And while smaller enterprises used to be able to escape the worst of these vulnerabilities simply by slipping beneath cybercriminals’ radar, those days are gone.  Continue reading

When It Comes to Security, Know Thyself

Data Security & Data Loss Prevention (DLP)

“If you don’t understand the risks, you don’t understand the costs,” security guru Bruce Schneier advised during a TED talk.

He was discussing security in the abstract — but it got me thinking about IT security in particular and the difficulty many executives face trying to determine if their organizations are safe from cyberattack.

The problem is that these conversations nearly always turn technical. Soon, a flurry of technology acronyms — confounding but apparently reassuring — begin flying around the room.

And, reports Schneier, it works. People, he says, will “respond to the feeling of security and not the reality.”

So what can a CEO do to understand the reality of security risk and grasp what the actual cost of security failure might do to the organization?  Continue reading

98% of Apps are Insecure — Here’s How You Can Protect Yours

Mobile phone with password on screen to illustrate mobile security services

Sadly, one can make the argument that if software vendors did a better job of integrating security testing throughout the development lifecycle, our current struggles with application security might be less challenging.

In fact, however, software vendors are late to the party. Their security testing tends to be tacked on to the end of development lifecycles as an afterthought, which may account for one recent study’s startling conclusions that:

  • 98% of applications carry at least one application security risk (and each risk may signal the presence of multiple vulnerabilities)
  • 80% of applications showed more than five risks
  • The average application registered 22.4 risks

Continue reading

How Big is The BYOD File-Sharing Target on Your Corporate Back?

Colored files with arrows to and from the Cloud.

If yours is like most businesses these days, many of your employees use their own smartphones, tablets and/or laptops to do their jobs — and the numbers are climbing fast as more people go mobile. Pew Research Center reports that as of May 2013, 56% of American adults have a smartphone and as of September 2013, 35% own a tablet.

Continue reading

10 Information Security Best Practices You Can be Thankful For

If you’ve gotten this far through 2013 without an information security breach, count yourself fortunate. According to a recent survey by PwC, CIO magazine, and CSO magazine, security incidents have increased 25% over the last year. The financial costs of these incidents have climbed, too — by 18%.

The PwC/CIO/CSO survey points to three culprits: new hacker strategies, the bring-your-own-device (BYOD) trend and cloud computing. And it warns that too many organizations have not changed their security stances, leaving themselves dangerously vulnerable to new kinds of threats.

Continue reading

Application vulnerabilities: Closer than you think

graph showing application vulnerabilities. small version has no labels.

Consider: Last year, according to Verizon, 54% of data breaches began as attacks on web applications, and for years one type of attack — SQL injection — has been the means by which 83% of stolen records were extracted. Meanwhile, says Gartner, 25% of all DDOS attacks this year will be application-based, and an increasing portion of these attacks may actually be diversions in which the bad guys use remotely accessible malware to target user accounts (for personal data or, in the case of financial institutions, for money).
Continue reading

Cloud Computing best practice: Always monitor your Cloud services

In order to know whether your Cloud provider is meeting the performance and availability parameters set out in your service-level agreement (SLA), you have to be able to monitor your Cloud services.

While you might not need or care to see detailed reports about the performance of your provider’s various infrastructure elements (VMs, storage, etc.), since this information doesn’t really provide a sufficient view into overall Cloud performance, you can and should seek information from your provider regarding application and/or workload performance.

Continue reading

CEOs in the Crosshairs

Writing hand in crosshairs

When it comes to security breaches, CEOs stand in the crosshairs. More than their IT staffs, it’s a CEO who’ll take heat for a breach that exposes customer data or endangers relationships with business partners.

So, unlike plenty of other IT issues that don’t require C-level attention, information security ranks right up there alongside financial issues as something with which CEOs need to be familiar. Yes, information security can be daunting, but so are financial statements — and CEOs have to sign off on those.

Where to start? Here are three questions every CEO should be able to answer: Do you know who your security expert is? Do you have a security policy? Do you understand how it’s implemented, managed, enforced, monitored?

Continue reading