The IT security group within every corporation is under file. Relentless cyber-attacks, user errors and improperly designed and implemented processes and procedures contribute to a maelstrom of problems that executives expect to be instantly solved.
The news for IT departments continues to sound dire. Companies like Symantec estimate that 56% of employees believe it is appropriate to take information with them when they leave a job site. Exacerbating the urgency for companies to implement stronger security measures are statistics from the Carnegie Mellon US CERT team estimating that 75% of cyber incidents go unreported.
Surprisingly, a vast majority of the problems faced by IT on a daily basis can be traced back to three key mistakes. These missteps endanger organizations every day, yet all can be fixed or at least worked on to mitigate the problems they cause. But before we talk about solutions, let’s first identify the terrible three.
Mistake 1: Insufficient vendor access monitoring
Regardless of sector or industry, or of the size of an organization, the need for third-party vendors and outside companies to have access to a client’s proprietary network, data and intellectual property is a given.