Firms 'not serious' about IT security

2013-03-28 09:02
Drew van Vuuren says companies should take IT more seriously. (4Di Privaca)

Drew van Vuuren says companies should take IT more seriously. (4Di Privaca)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

kalahari.com

Cape Town - Security is especially important in the corporate environment as intellectual property is at stake, but companies don't always take effective precautions to protect their IP, an industry insider has said.

Specifically, the growth of Bring Your Own Device (BYOD) has seen an additional risk to corporate networks as managers struggle to cope with security.

According to Drew van Vuuren, CEO of information security and privacy practice, 4Di Privaca, companies often leave security as an afterthought which exposes them to data theft.

He spoke to News24 about the management of IT security, specifically highlighting ideal policies for mobile devices and cloud-based solutions appropriate for the corporate environment.

News24: How have companies responded to the BYOD movement in SA?
Drew van Vuuren: Badly! But it has to be said that it is really specific to verticals. In the financial sector there are far stricter controls on what systems are accessible by the BYOD platforms.

Whereas in other less strict verticals, businesses are allowing almost blanket access on mobile platforms that support the business applications that users would like to access. The main bones of contention question where control is enforced, and whether it’s at the network, application or endpoint.
 
News24: Would you advise companies to make use of consumer cloud-based solutions for data backup?
Van Vuuren: In short, no. Platforms like Dropbox, Google drive and Sky drive are great for storing photographs of your latest camping trip, however using such platforms for storing critical company data is not advisable.

Although these environments do offer encrypted delivery paths, and profess to encrypt and anonymise the data, there is still the risk of the environments being compromised and your data being stolen.

The above doesn't even take into consideration data compliance mandates that will enforce who has access to the data based on geographic locale of the systems storing it.
 
News24: Can companies eliminate the "human" factor that leads to security risks?
Van Vuuren: No that is not at all likely. Humans are the creators, processors, managers and manipulators of data. It is our actions on data that influence its behaviour, and any thought of eliminating the human factor is a non-starter due to the fact that we are the ones in control of the systems that manage the data.

An example would be a database administrator; their role is to ensure that the system is configured correctly to ensure smooth operation for the user. Should they err in their actions when setting permissions for access to the database, they expose the system to compromise.

Vendors have attempted to go some way to eliminating the human factor when it comes to configurations of technologies however human input is still required to ensure the systems are deployed and made available for use by other humans.

News24: Based on your experience, what mobile platform is the most secure for corporate applications?
Van Vuuren: Well, that would be the Apple iOS platform. Apple have maintained a stronghold on the source code for iOS and haven't opened it up to the community for manipulation, unlike the open source Android system.

Now some might argue this stifles innovation, ironic when you consider Apple's image as an innovative company, yet, by being so proprietary with the iOS mobile platform they have ensured a level of security that is not enjoyed by Android and the other mobile platforms.

Windows 8 has only recently been released so there is not yet information yet on whether the mobile iteration is as secure as iOS.
 
News24: How do companies retain IT skills that are easily mobile?
Van Vuuren: Pay them more… No in all seriousness, many IT pros are motivated more by a sense of accomplishment and continuing education.

Empowering individuals to innovate within their own area of expertise, exposing them to further skills development and offering them a sense of job security is what most IT people are looking for when it comes to their roles in an organisation.

Obviously, if they are intent on regular exposure to newer environments and challenges it would be difficult to retain them, but I believe that with the right mix of challenges and independence that the folks in your local IT department won't look external for the job satisfaction they crave.
 
News24: What is the best practice as regards IP in the corporate technology sector?
Van Vuuren: By IP I am assuming you mean Intellectual Property, and not Internet Protocol as that would mean an entire different kettle of fish.

Retaining intellectual property is difficult at the best of times, what with the open source movement being so vocal when it comes to access to technology. Good practice would be to provide recognition to sources of IP within your business.

If the IP produced in your environment leads to greater profit for your business, reward and recognition to the innovators of the IP will go a long way to ensuring businesses can retain it.

Of course there is the contract of employment that states that the business retains the rights to the IP when developed while in the employ of that company, but often that restriction is difficult to enforce, so reward and recognise the importance of the IP to your business and it will likely remain within your business. 
 
News24: Spam is not a big problem in SA yet. Are there ideal company practices to limit exposure as more people come online?
Van Vuuren: The best way to limit the impact of spam on an organisation is to ensure correct configuration of systems that handle your mail.

Making use of outsource e-mail management platforms like for example Mimecast or MXLab will go a long way to ensuring that your business is not affected by spam.

The best way to reduce the impact of spam however is user education. Train your users to use e-mail responsibly and the impact of spam would be minimal. From an architectural viewpoint, configure web-based systems to not act as a mail relay for unsolicited e-mails.
- News24
Read more on:    technology  |  cybercrime
NEXT ON NEWS24X
SHARE:

Read News24’s Comments Policy

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
5 comments
Add your comment
Comment 0 characters remaining
 

Inside News24

 
/Africa
 

Device lets disabled people talk through their nose

A device that converts nose breaths into speech will open new doors for people with Parkinson’s or motor neuron disease.

 
 

For chic geeks...

It’s THIS easy for someone to steal your ATM pin!
This is why you should install iOS 8
17 photo illusions that look so real
Check out the speed of this robo-cheetah!

Jobs in Cape Town [change area]

Property [change area]

Travel - Look, Book, Go!

Magical Massinga

Spend 5 nights at the gorgeous Massinga Beach Lodge in Mozambique and only pay for 4 from R13 220 per person sharing. Includes return flights, accommodation, transfers and romantic turndown. Book now!

Kalahari.com - shop online today

Pre-order your iPhone 6 at kalahari.com

Hurry and pre-order your own iPhone 6 now at SA’s favourite online store!

Bargain box – 60% off

Reduced prices, very limited stock. While stocks last. Hurry and shop now!

Mind blow low prices on electronics

Get either the Prestigio multiphone or Proline tablet 7” tablet for only R699. Offers valid while stocks last. Shop now!

30% off Barbie toys

Save 30% on all Barbie toys and accessories. Offer valid while stocks last. Shop now!

Baby extravanganza month at kalahari.com

Celebrate baby month with a wide range of awesome baby products. Offers valid while stocks last. Shop now.

OLX Free Classifieds [change area]

Samsung Galaxy s4

Mobile, Cell Phones in South Africa, Western Cape, Cape Town. Date October 24

Best bargain in big bay

Real Estate, Houses - Apartments for Sale in South Africa, Western Cape, Cape Town. Date October 25

VW Golf 6, 1.6 Trendline (Excellent condition)

Vehicles, Cars in South Africa, Western Cape, Cape Town. Date October 25

Horoscopes
Aquarius
Aquarius

Don`t judge so quickly or expect too much, be more accepting and understanding and make space for fun and spontaneity. ...read more

There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.








Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.