Helping clients manage their technology for over 30 years.

IT Security in 2014: Challenges and More Challenges

Glass chess pieces

Information technology has become a business essential. We’ve reached the point where our ability to thrive and succeed depends on key software apps and the technology (wherever it may be) that runs them, our access-from-anywhere to the Internet, and our ability to gather and analyze troves of digitized data.

The easiest targets
So important are these capabilities that we often put them into use before we’ve figured out the myriad of ways they’re vulnerable to those with malicious intent. And while smaller enterprises used to be able to escape the worst of these vulnerabilities simply by slipping beneath cybercriminals’ radar, those days are gone.  Continue reading

10 Information Security Best Practices You Can be Thankful For

If you’ve gotten this far through 2013 without an information security breach, count yourself fortunate. According to a recent survey by PwC, CIO magazine, and CSO magazine, security incidents have increased 25% over the last year. The financial costs of these incidents have climbed, too — by 18%.

The PwC/CIO/CSO survey points to three culprits: new hacker strategies, the bring-your-own-device (BYOD) trend and cloud computing. And it warns that too many organizations have not changed their security stances, leaving themselves dangerously vulnerable to new kinds of threats.

Continue reading

Application vulnerabilities: Closer than you think

graph showing application vulnerabilities. small version has no labels.

Consider: Last year, according to Verizon, 54% of data breaches began as attacks on web applications, and for years one type of attack — SQL injection — has been the means by which 83% of stolen records were extracted. Meanwhile, says Gartner, 25% of all DDOS attacks this year will be application-based, and an increasing portion of these attacks may actually be diversions in which the bad guys use remotely accessible malware to target user accounts (for personal data or, in the case of financial institutions, for money).
Continue reading