When we speak of information protection in the current world, in which in most of the cases we do not have control on the correct company’s information storage, we must refer to protection in a most strict manner. In a practical way, the information that we have stored on laptops, desktops and pen drives, must be protected in the same way as that which we have within the company. In addition, there is another type of information that is generated in our homes and stored in “clouds”. A new term that every employee has known in recent months.
To this new modality we need to add an important risk, caused by the high amount of equipment connected simultaneously and daily to networks that were not prepared from the point of view of the capacity of Internet providers: micro-cuts and the weakness of the connections.
These two problems make users, in front of the impossibility of being able to save information in the clouds, to do so on their devices locally, with the high risk that this entails. No company knows for sure if the computers of its employees (except those provided by the company itself) are adequately protected against malware or ransomware attacks, or if they are encrypted and, if so, in which way.
Within the company’s premises, computer risks are usually vast and are seldom considered, being so; same happens in our homes, and even more critical, if our computers (with sensitive information) are used by children to play online games or browse in the Internet.
An information security audit is a specific tool to diagnose the current situation and design the best solutions. Currently corporate information is still subject to theft, destruction and / or loss.
Which are the best practices?
It is recommended that employees who handle confidential information are protected by means of robust logical access controls, VPNs and encryption systems that prevent access by outsiders.
At the corporate level, “clean desk” policies and shredding documents are a standard that every employee must follow. But, what do we do in our house? Do we take measures to protect it or prevent it from being damaged by third parties?
Executives in upper management and in areas such as Development, Production, Finance and HR are the ones that generate the most sensitive information, and you never know who can access it in an unauthorized way. Taking advantage of these vulnerabilities, hackers today have an easier scenario to attack, knowing that there is less protection in homes than within the internal network of the company.
The general security plan of a company should include not only a section about information security and how it should be related to the company’s own security systems, but also new security policies for teleworking or remote work.
Information security is also a project
When it comes to designing security protection measures, or how to implement them, it is advisable to turn to specialized and experienced companies. Each project must be complemented with specific security procedures to secure the data of your company.
G5 Integritas has highly trained professionals who can assist you in designing the best protection systems. If you are interested in optimizing the security of your company information, we invite you to contact us at: [email protected] or by visiting our website at www.g5integritaslatam.com