The news hit today of further breaches in Visa and MasterCard credit card processing systems. Desperate times generate desperate acts; therefore there’s been a sharp rise in data and identity theft by those exploiting any available opportunity for personal or financial gain.
At a time when companies have enough on their minds with respect to the economy’s impact on business, IT security concerns continue unabated and are one more threat to financial security. An article in January on SearchCIO-Midmarket.com reported that small-to-medium businesses are not only spending more of their IT budgets on security, but they are focusing more on data protection. That’s certainly good news for those who put their faith in organizations that possess their critical financial data!
The article’s information comes from a research report from Forrester entitled, “The State of SMB IT Security: 2008 to 2009.” In the report, Jonathan Penn, Forrester vice president and the report’s author, shares the interesting detail from his study that SMB IT security strategy now more closely reflects that of large enterprises.
With protection of their data assets being the highest priority, both SMBs and enterprise companies are advised to consider several different types of solutions, such as intrusion detection and vulnerability assessment, but also remember that internal data protection is just as critical. This is where access and identity management, as well as authentication solutions, come into play. Penn affirms that data assets must be protected from insiders as well as external intruders, and points out that both authorized and unauthorized users may use information inappropriately. Therefore, a system that controls access, verifies the identity of users and monitors user behavior is indispensable for organizations that want optimal protection for their business and customer data, and especially for those organizations that also must be compliant with SOX, HIPAA and Payment Card Industry regulations.
As this article conveys, companies of all sizes are increasing their awareness that security is a business issue and that not being strategic and proactive about security is a tremendous business risk.