Our Product Marketing Manager, Aaron, and I had a watercooler chat the other day about taking a fresh approach to a corporation’s IT Security in the likes and regularity of spring cleaning. An approach like this would be ideal – you would have an up-to-date inventory of your hardware, you would have up-to-date software, and a complete 360 view of your organization. After completing what might be an onerous task, you would be able to identify the robustness of your environment, where your gaps might be, and where you have room to improve. In general, one might argue you would feel ‘in control’.
My colleague, Alexander Mazuruc, attended the International Cryptographic Module Conference that took place last month in Gaithersburg, Maryland. Alex is a Senior Developer at WinMagic and has a unique “flair” for navigating the arcane world of product security certifications. He has delved deeply into Common Criteria and has been our go to person for all things FIPS for almost a decade.
With the growing world of technology, the IT manager is plagued with the grueling task of technology audits. Audit checks are carefully planned, controls are tested and evaluated, and then reports help identify problem areas to work on. The method in which you choose to audit an organization depends greatly on the organization; nonetheless, one factor of auditing should not be overlooked—the follow-up.
As Data breaches become more and more prevalent in today’s world it is worthwhile for Marketing and IT departments to band together to make a case for the implementation of full disk encryption in an effort to protect both privacy issues as well as brand equity. In my experience, most stakeholders understand data breaches can and should be avoided; but if they do occur, and and organization is viewed as having inadequate protection of customer and employee records, stakeholders and the public at large can be ruthlessly unforgiving. That’s where the rubber meets the road and companies can suffer a significant bottom-line impact of brand deterioration.