Read our Managing Directors thoughts on Data Security
We thought we would share with you some interesting data security viewpoints that came out of a recent interview with MD Jude Thompson.
How did you get into Solutions Infrastructure and Data Security?
It’s always been part of my portfolio ever since starting CSCM IT Solutions, I discovered very early on that customers would be vulnerable if this wasn’t addressed.
How do you propose to help businesses protect themselves against security risks?
Firstly businesses need to understand the risks. Unfortunately most businesses don’t, particularly not in the SME marketplace. If I asked a hundred Managing Directors or Finance Directors of SME businesses I would say a large percentage wouldn’t know what the risks are to the business or how to deal with them.
I’d say the biggest risk is lack of information available to staff. I think as soon as a threat is understood, board members and senior management team members need to know what is being done about it.
I still find it quite shocking how many businesses adopt the “we are okay” approach without first taking the necessary steps.
What kinds of security risks are posed to businesses nowadays?
Phishing is still a problem and although many businesses know it exists, people are still falling foul of these scams every week.
Social engineering is becoming a problem where hackers are able to exploit customer’s staff and gain access to systems. Malware and general threats will likely never go away and still pose a risk to businesses.
Inadequate protection on all computers is a big risk, it’s amazing that my team still find computers on prospect customer’s sites without anti-virus software. It’s quite common to see old computers that sit in the corner of a factory attached to a CNC machine running Windows XP, that is connected to the network hasn’t been updated for 2 years and has no anti-virus on the system because the software it uses doesn’t like it.
Do you think SMEs are particularly at risk or don’t they consider themselves targets?
Every business has some element of risk, whether they consider themselves at risk is down to the understanding from the people in charge.
In your opinion, is IT security taken as seriously as it should be?
In some cases yes very seriously, we have customers where monthly meetings are held to discuss elements of systems and access to date.
Others, not so much, I still think there is an over reliance to push the responsibility on to IT departments without obtaining all the information. Yes in many respect a lot of what we are talking about has to be dealt with by IT but it is so much more than that these days.
It’s a business responsibility and understanding that is important.
With all these advancements in Cloud technologies, do you think the digital landscape becoming a riskier place?
Yes of course it is. When I started out there was no digital landscape, the more you add to it the more risk there is, isn’t that the case with everything?
You just have to understand what you are using, why it’s there are what the risks are.