Security: Is your business on top of things?
First and foremost, it seems that the protection of your company's data is not a simple issue and shouldn't be brushed aside by merely throwing money at it and hoping it will go away. There are certain priorities that need to be addressed.
Natasha David, senior software analyst for IDC Australia, said to ZDNet Australia, "Corporate data has become more valuable in the information and Internet age, and businesses need to make the mental shift between protecting physical assets to protecting their intellectual capital and investment."
Similarly, James LaLonde, vice president in charge of the Asia-Pacific region for Brocade Communications systems, recently stated during his visit to Australia that data has become more valuable than the technology in which it is contained.
IDC's David also believes that another major security issue for online Australian and international businesses is the privacy of its clients. This has been exacerbated by the bad press surrounding dot-com failures that pursue "names for sale" type liquidations. "Companies need to realise that having an enforceable privacy policy is one of the key things consumers to e-commerce sites look for before transacting online," she says.
But it seems that it is the human factor that has one of the most profound effects on the security of businesses in Australia. David says that security has never just been a technical issue, since there is always a human element to consider. "Often the human response to emails is the primary reason companies are still vulnerable to virus attacks--for example in the recent cases of 'Naked Wife' and 'Anna Kournikova' viruses," explains David.
Although antivirus tools are being deployed at the server level to prevent these attacks from reaching clients, IDC believes that these attacks will become more targeted to exploit the human factor.
"Another issue to consider is that technology can not compensate for cavalier attitudes," says David. "By this I mean employees who leave their desks without logging off their stations or critical applications (including email)... It is no use having a state-of-the-art security software solution when the company does not augment that solution with an enforceable security policy."
