Before we touch on some crucial IT security lessons (and why it’s so important to have consistent monitoring of your systems), it’s time to take a brief break from your regular programming and tune into some geopolitical intrigue.
If you aren’t up to speed on the massive security breach that occurred in the federal government’s OPM computer network recently, here is a brief summary of the Hollywood-like scale of espionage (as if it were a plot from a “Mission Impossible” film) and foolishness (as if it were a “Dumb and Dumber” sequel) that took place:
Whether you’re a government agency managing the sensitive files of millions of people or you’re a company with a staff of 30 employees, there are crucial lessons to be learned from the OPM disaster:
1. Don’t wait until a sales demo to run a thorough security check of your systems.
In fact, you should have constant monitoring of your networks. Your IT personnel should be capable of consistent proactive and reactive security monitoring from day-to-day.
2. Be careful how/where you store sensitive information.
Some NATO governments refuse to store their most sensitive data electronically. Although you likely will never have to go the extreme measure of maintaining a warehouse full of paper files, the principle is the same: don’t place sensitive data in highly vulnerable locations that are not secured. In addition, always back-up your data in separate locations that cannot be accessed from your network.
3. Choose a trusted IT security team and insist that they document their security plan in detail.
It’s always a good idea to have your IT team document everything they do in writing for you so that your access to their processes and your understanding of your network security is not dependent on them cooperating with you. And if you’re in a situation where an IT company or a disgruntled employee is holding your data hostage, contact our BITS Rescue Team (Bad IT Service Rescue), and we will liberate your data and return control to you.
Contact us for more helpful tips on IT security and building a fruitful partnership with a managed service provider.