I wish all of you a very happy & safe 2015. Safe, not only in terms of life and property, but as the recent hacking case as proven, also in terms of your data – both corporate and personal.
Last month, I had highlighted security as one of the drivers for 2015. This month, I would like to highlight some points about data & network security and hacking attacks and learn some lessons from this unfortunate episode.
This was a highly focused attack on a single target by a set of highly skilled, funded and motivated hackers. However good the security at the perimeter, sooner or later, such an attack would succeed. Good security can only make their job more difficult, more expensive and riskier. The lesson is ‘everyone is at risk at the perimeter, make it more difficult for hackers by increasing the layers or rings’.
Security consists of 3 different actions – Protection, Detection & Response. Many of us mistake security for just protection and believe that having a good (read expensive) security solution in place is enough. As seen earlier, this is just not true. You need to detect as soon as the protection has been beached and respond immediately to limit the extent of damage and restore protection.
The most important lesson for all individuals is that password strength should not be underestimated or ignored. This is true not only for your enterprise passwords but also your data on the internet. No one wants their intimate personal details to be exposed on the internet for all to see – Unless they do it themselves on their Facebook walls!