The life of a small- or mid-sized business’s IT manager certainly would never be described as “easy.” These are the people you’ve charged with keeping the company’s computer systems running and secure.
It’s a tough job. So please forgive them for how they’ve decided, and how you’ve allowed them, to set up your company’s password policy.
Why? Because it’s pretty likely that the password policy they recommended actually puts you at greater risk. (more…)
One of my favorite phrases is “snatching defeat from the jaws of victory.” The slight modification of the old idiom is the perfect way to understand how it’s possible for even the most effective, well-written, well-intentioned, and strategically developed cybersecurity policies to become irrelevant.
In my experience, I’ve seen a company’s management find so many ways to completely neutralize their own cybersecurity policies. For the most part, they involve some level of egotism oftentimes associated with management, the most obvious being the idea that “these policies don’t apply to me.” However, there are many ways, some much less obvious, for management to undermine their company’s own cybersecurity policies.
And, by extension, making their company, their employees, their customers, and themselves less secure. (more…)
These days, keeping your business safe requires a lot more than running an antivirus program now and again and praying for the best. One of the most important tools your company can employ is a Virtual Private Network, or VPN. A business VPN is more than just geo-blocking, it’s an absolute necessity for business these days.
Although the basic operating principles for Virtual Private Networks are the same regardless whether you’re using it for personal web browsing or as the backbone of your company’s online interaction, selecting the right business VPN for your particular purposes relies on vastly different criteria.
Those words can trigger the proverbial life flashing before your eyes.
You know there are things that you have to do, many of them some combination of painful, expensive, and embarrassing.
And they need to be done quickly and, more importantly, correctly. You need the right kind of person to get it done. You need the right Cyber Incident Response Manager…(more…)
