Cyber criminals are constantly employing new approaches to infiltrate businesses — making security breaches inevitable. That’s why understanding the security landscape, developing a strategy and engaging the right suppliers to help implement or strengthen your customer’s security is so important. Taking these measures will help minimize the impact of any security event that may occur.
Additionally, time is the most precious resource when responding to a threat. The faster you can help your customers recognize and eliminate a threat, the less damage it will do to their business, and the more you will be the hero.
Questions to consider:
- What are the biggest security concerns facing your organization and does the staff have the budget and expertise to handle them?
- Have you recently conducted any type of security review on your people, processes, or technology?
- Have you adopted any cloud-based applications, and if so, are you aware of the risks that have been created?
- Is your organization’s information system access limited to authorized users, processes, or devices?
- Do you have a contingency plan in case of an emergency?
- Is physical access to systems, equipment, and operating environments limited to only authorized individuals?
- Does the fireway include modern functions, such as application awareness and network intrusion detection?
- Is anti-virus installed on all endpoint devices?
- What cloud-based security options are available?
- What functions (e.g., remote wipe, data encryption, etc.,) should be enabled on mobile devices?
- How is data being controlled, restricted and tracked?
- How are compliance requirements being monitored?
- What training should be put in place for the general workforce?
- What level of security knowledge is needed by the general workforce?
- How is the overall level of security knowledge and awareness being measured?
- What process is in place for risk management?
- Have you calculated the costs for security breaches, including reputation cost?
- What is the plan of action in the event of a security breach?
- What is the business continuity/disaster recovery plan?
- Are you conducting security assessments to identify potential problem areas?
- Which departments and individuals should be responsible for deciding security policy?
- How is the security policy communicated?
- How is buy-in among the general workplace confirmed?
- What penalties are in place for policy violations?
Listen for these comments:
- I’m looking to make a major migration to AWS, but I’m considering a hybrid cloud instead. Should I be concerned about security?
- I’m working on virtualizing my equipment and putting it into a public or private cloud, how do I secure it?
- How do I get a better understanding of the performance and security of my environment?
A services company with over 50 locations was in need of security auditing. Company growth over time, along with employee turnover, brought multiple solutions which had bolted on over the years. Additionally, they held credit card data and personally identifiable information, which put them under the governance of many regulations like Sarbanes Oxley and PCI-DSS.
While working with the customer on a network redesign, it became apparent that customer information was being shared when and where it shouldn’t. Not wanting this to escalate into a bigger issue, the company solicited our partner’s help to come up with a solution. We brought in a provider that can do full scope auditing, pen testing and gap analysis.
The engagement was originally only going to be two to three months, but after their initial social engineering and auditing efforts were successful, it was clear to the organization that a lot more work was needed.
In this case study, the partner was selling connectivity services when they asked the question, “What is your current security posture?” This one question led to multiple opportunities. The partner is the hero in this situation because they helped the customer implement and become compliant with all the required regulating bodies and reduce their chances of a cyber attack.
For the full list of suppliers offering Security visit: https://mtvoip.com/security-millennia-technologies/