In his speech last Friday, President Obama spoke about the need to secure our country’s computer networks. Illustrating the importance of the issue with a personal example, he cited his recent experience with a data security breach during the general election:
“Hackers gained access to emails and a range of campaign files, from policy position papers to travel plans.”
Obama went on to say his experience was “a powerful reminder” and noted that hackers make millions of attempts every day to crack computer networks. He announced his intent to appoint a cybersecurity czar to protect the nation from catastrophic disruptions as a result of computer attacks.
Obama appeared to be knowledgeable by using terms such as “spyware and malware and spoofing and phishing and botnets,” but the actions his administration will take remains to be seen. Computer security is a large, complex issue, and success will require substantial, comprehensive and well-coordinated action.
NetEffect provides Security Audits to its clients, where we examine seven critical components:
1. We list your technology assets and potential threats. Before you can protect yourself, you need to understand what computer data and equipment is important to you and how they can be compromised.
2. We assess data backups and ensure they are regularly taken offsite. We discuss your needs and determine if your backup solution fully satisfies your business needs.
3. We audit security permissions on your server to ensure only the users who need access to sensitive data have it. This also includes assessing password policies to make sure passwords are being changed on a regular basis and are sufficiently complex.
4. We assess your virus protection on PCs, servers and at the gateway device between your network and the Internet.
5. We assess physical access to your computer systems. If someone can gain physical access to your computers, they can easily get your data.
6. We assess your firewall to ensure your office has sufficient protection from the dangers that lurk on the Internet.
7. We educate your users. No matter how well-designed your network and security policies are, your users can unwittingly allow a very dangerous security breach in a myriad of ways. User awareness is one of the most powerful ways to prevent security problems and data loss. Anecdotally, We recently tested a client’s security by calling and asking a random user for their password (without specifically identifying ourselves) and they gave it to us without making us verify that we were their IT firm!
To see an excerpt from Obama’s speech, click here. To read his full speech, click here: