Building a Secure Organization

11016 WordsNov 22, 201245 Pages
Building a Secure Organization John Mallery BKD, LLP Chapter 1 It seems logical that any business, whether a commercial enterprise or a not-for-profit business, would understand that building a secure organization is important to longterm success. When a business implements and maintains a strong security posture, it can take advantage of numerous benefits. An organization that can demonstrate an infrastructure protected by robust security mechanisms can potentially see a reduction in insurance premiums being paid. A secure organization can use its security program as a marketing tool, demonstrating to clients that it values their business so much that it takes a very aggressive stance on protecting their information. But…show more content…
In addition, today’s computers present a “ user-friendly ” face to the world. Most people are unfamiliar with the way computers truly function and what goes on “ behind the scenes. ” Things such as the Windows Registry, ports, and services are completely unknown to most users and poorly understood by many computer industry professionals. For example, many individuals still believe that a Windows login password protects data on a computer. On the contrary — someone can simply take the hard drive out of the computer, install it as a slave drive in another computer, or place it in a USB drive enclosure, and all the data will be readily accessible. Computer Users Are Unsophisticated Many computer users believe that because they are skilled at generating spreadsheets, word processing documents, and presentations, they “ know everything about computers. ” These “ power users” have moved beyond application basics, but many still do not understand even basic security concepts. Many users will indiscriminately install software and visit questionable Web sites despite the fact that these actions could violate company policies. The “ bad guys ” — people who want to steal information from or wreak havoc on computers systems — have also identified that the average user is a weak link in the security chain. As companies began investing more money in perimeter defenses, attackers look to the path of least
Open Document