As noted on a recent blog on Datacentre.me a recent publication by the governmental group Communications Electronic Security Group (CESG) suggested that forced password expiration could be outdated and counterproductive to security. The report goes further and CESG is recommending account holders should no longer be forced to change their passwords regularly.
How have CESG come to these conclusions and why is it making such recommendations you would be right to ask. So, let me break the reasons for the new guidance down with just a few examples.
Here at N2S we are proud of our data security expertise and we agree wholeheartedly with CESG when it says there are now other, more secure, ways to accomplish what password security has historically achieved, such as using one of the many sophisticated monitoring tools available.
As we are CESG approved to provide data protection services at the highest level of the HM Government we are extremely well placed to offer the best advice on this issue. We say the time has come to review traditional password protocols to ensure you are using the most secure and up to date methods available.
However, Cyber criminals are becoming much more sophisticated and are now more targeted in their approach and this has led to the emergence of a new and dangerous phenomenon – spear phishing.
Unlike general phishing, with spear phishing the cyber attackers carefully research their intended targets, such as gaining information from their social media accounts or from any other information they put on the internet from their PC. For example, they might scan social networking sites to find a targets page, their email address and their friends list. Often spear phishers are not after money, there are more likely to target specific organisations to obtain high level confidential information such as business plans, corporate secrets or plans for sensitive technology.
You may feel you are far too sensible to fall for a trick of this kind, but these cyber criminals are a clever bunch of guys and gals. Using information they have found the spear phisher can pose as someone you know and send emails which appear to come from a trusted source such as your accountant, solicitor, your bank or work colleagues. They will then try to trick you into handing over confidential and sensitive information that they can use for their criminal purposes. Every individual at any business, corporation or organisation is a real target for the spear phisher and we all need to take action to protect ourselves.
So, how do we protect ourselves from these clever cyber criminals, you may ask. Well, here at N2S, we have spent years perfecting our data protection services, so we truly qualified to advise on this matter:
It is becoming common place for members to staff to struggle with more complex systems, for a company to lose track of hardware and to run into a number of complicated issues on hardware waste. These issues can lead to unnecessary downtime, decreased productivity, increased chances of data breaches and missed opportunities to make money from the reuse of redundant equipment.
However, with a robust asset management policy in place most companies can avoid the issued outlined above and ensure its IT infrastructure is managed, maintained and tracked in the most efficient manner.
Below I am happy to share with you some vital steps you need to take to ensure you are handling your hardware assets in the best possible way.
1: Plan disposal
Hardware disposal used to be as simple as throwing out old equipment but that has all changed. Companies now face huge financial penalties for data breaches meaning disposal must be carried out in a safe and secure fashion. The most efficient way to ensure safe disposal is in the planning. Hardware asset management identifies when equipment is nearing the end of its life so organisations can organise and plan appropriate disposal. Good management includes the physical destruction of all data, data back up and ethical disposal and recycling of equipment.
2: Regularly maintain
Effective hardware asset management ensures all equipment is tracked so companies know when assets need servicing or repair, saving long term costs.
3: Identify your needs from the outset
It is essential to map out IT needs from the outset. Good asset management allows you to identify any potential compatibility issues between network devices and your hardware and software.
4: Track, track and track
Hardware asset management is also an effective tool in tracking down missing hardware. All assets can be uniquely tagged for immediate identification. When assigned to a specific person or department it is simple to identify who has responsibility for and access to the missing items.
A key questions organisation should ask themselves is do they need all the hardware they possess. Having too much equipment can lead to unnecessary costs. Just think, how the costs mount up; purchase price, operation costs, maintenance repair and disposal. Good hardware asset management will ensure all personel and departments will have all the equipment they need but will also eliminate unnecessary purchases and associated costs.
To maximise efficiency and value of IT assets it is vital effective management and tracking procedures are in place at all times. However, research shows many companies are finding it difficult to keep track of their IT assets and their current status.
Businesses today operate on a broader, more global scale with IT assets often purchased, implemented and maintained by different departments in various locations. Combine this with the fact that IT infrastructures are constantly changing and evolving, you can start to see where the difficulties occur.
Often IT infrastructures are so diverse companies can’t accurately manage important issues such depreciation of equipment, possible return on investment, adhering to licensing agreements, measuring running cost or system usage. The result of such issues inevitably result in inflated and unnecessary costs, ineffective performance, unplanned downtime and wasted opportunities.
IT asset management (ITAM) solutions can help solve all the above issues and when implemented with skill and professionalism will help organisations gain more effective control over their IT infrastructures. These systems have been so effective at helping companies derive greater value from their IT investments that the demand for such services continues to grow and grow. ITAM solutions enable businesses to implement effective technology-related functions, including purchasing, engineering, administration, inventory management, financial assessment and tracking. ITAM enables the effective and cost-efficient management of all technology assets from the beginning of their lifecycle to the end.
This means from procurement and implementation, to ongoing maintenance and through to redundancy and replacement. Armed with this information, organisations can improve infrastructure efficiency and performance, and minimise related overhead expenses.
Here at N2S, we have always offered a comprehensive ITAM service, but thanks to our exciting new partnership with Trackit Solutions, we are able to take this service to a whole new level, beyond anything else we believe is currently available on the market.