Top 3 Security Concerns for enterprises

Mobile technology continues to move forward in all aspects of business, however security issues
threaten to slow down the progress. The modern enterprise is waking up to the needs which can
be addressed by mobility solutions. Yet the barrier that stands in their way to embrace enterprise
mobility is a massive one-security.

For most organizations today, cyber security concern is of top priority on their radar. The most
valuable assets that companies own is the information about their business-client records,
payroll information, sales data, etc., and the list of the companies who have learnt this the hard
way is a long one.

Most security breaches are caused by human error and poor security discipline. For instance, in
April 2011, it was discovered that the personal and condential data of 3.5 million teachers, state
workers and retirees in the state of Texas was lying unprotected on the Internet closely for a
year. As far as the history of executive management goes, chief executives and IT security
professionals do not seem to have a close working history. However, the mammoth security
attacks on corporate giants like Google, Amazon, Citibank and JPMorgan have made the CIOs of
today to sit up and take notice. Infact it would not be untrue to say that security threats are giving
sleepless nights to the leaders of today. As enterprise technology has become more signicantly
complex and mobile, when compared to what it was ve years ago, eective security requires
more than a set of guidelines and tactics.

Infact recent research indicates that a single data breach can cost companies up to $7.2 million at
an average of $214 per compromised record. This is a warning bell for CIOs to set the agenda as
to how IT security should be addressed across businesses. A security breach can lead to serious
nancial loss, but that is just the tip of the iceberg. It is therefore of utmost importance that CIOs
have a clear understanding of security loopholes and be deeply involved in developing and
implementing a strategy to combat these threats.

Human Error: Though it might not come out as expected but, it is human error and not
malicious intent that is the primary cause of critical corporate data breaches. According to
Gartner, Inc., more than 99 percent of rewall breaches are caused by miscongurations rather
than rewall aws. With big money being invested for the protection of data in large
organizations, CIOs must wake up to the fact that making fundamental changes in the way
security is managed and congured, especially at the network level can actually go a long way in
reducing the number of security breaches occurring through human error. It is critical for CIOs to
identify ways to reduce network complexity and minimize the risk of human error across the
security process thus improving the eectiveness of IT security.

Cloud Security: Cloud computing is not a new term for CIOs interested in executing cyber
security programs. In simple words, cloud computing allows companies to outsource their IT
infrastructure to a virtual environment which is either on a public or private cloud. Therefore
cloud computing serves as an eective strategy to reduce technology costs and redundancies.

So what is it that blocks the way?

According to Gartners research report, security is the top concern for companies looking at
migrating to the cloud. The lack of condence in the security capabilities of the cloud service
provider is the top reason why organisations hesitate to take the leap to cloud. Visibility,
monitoring, access control etc are among a few security challenges faced by cloud providers. For
instance, the disastrous web server failure of Amazon in April 2011 was a breach of service that
temporarily brought down the online presence of thousands of its clients.

How will your business be aected if you are not able to access certain data on the cloud? What
impact will it have on your customers? How do you make sure your data is not being incorrectly
accessed? These are a few questions that CIOs must ask themselves before expanding their
dependency on cloud.

Mobile Security: As the number of mobile and smart devices accessing critical business
information is rapidly on the rise, mobile device security becomes increasingly complicated to
implement. The biggest threat here is the device itself. If left in wrong hands, it could be nothing
short of a debacle. It is upon the CIOs to prioritize the execution of a policy that strictly lays down
guidelines relating to usage and liability of both personal and company owned devices and that
foresees the ways and means to combat incoming threats from mobile device usage. BYOD risks,
is a high concern of any security manager today as it allows less control than ever on
unauthorized access to enterprise data. As enterprise BYOD adoption rates continue to rise,
organizations are on the lookout for a tradeo between BYOD risks and rewards.

There is no getting around the fact that it is infact a formidable task to ensure end to end IT
security. It is hard to build a connected risk-aware-culture and it is even harder to change the
existing culture. But as the stakes are high, it is highly recommended to have security essentials
in place. Measures such as building security into design, controlling network access through
monitored access points, centralized device settings and building an automated and unied
system to manage and respond to incidents should be implemented to meet the growing cyber
security challenges of the day.

www.xcubelabs.com