It’s old news to say that every business, large and small, is dependent on technology. What’s new is that critical technology is more at risk today than ever before. The good news is that IT best practices and security measures are getting better and better every day. The key to protecting your technology is to implement these practices as they evolve and stay ahead of the curve.
I have been in the technology business long enough to remember when all the Information Technology at companies was controlled by the IT department. It was centralized, protected, and isolated from the rest of the world. Even then, it was subject to social engineering and local attacks of bad actors with something to gain. If you want a review of what was going on back then, and some insight into the history of today’s cyber attacks you can take a look at Kevin Mitnick’s books, I especially liked Ghost in the Wires.
With the PC revolution in the eighties, businesses began to embrace the idea of having complete control of the computing power that was becoming available without the bother of waiting for the IT Department to approve and implement it. Accounting departments and small businesses were just buying PCs and using them. Individuals had complete control of the machine, they could install any software they wanted, and everyone loved the freedom and productivity that PCs allowed.
That worked great with these were standalone machines with no connections to anything else, no problem on the PC could take down the operations of the company. The IT department still ran the systems that counted. Later when local networking developed to a point when it was practical to connect all the PCs in a company together, it became easy to roll out companywide software that was more flexible, more user friendly and practical. The PC took over computing throughout the organization.
When this happened, you had computers that were intended for stand alone use originally that allowed the user to have full access to the system all connected together and running key company systems. Over time, methods were developed and implemented that could lock things down a bit and all was well. All that changed when we began to connect the networks of Personal Computers to the Internet and the rest of the world. Now all the company’s critical systems were exposed to the whole world and the operating systems were never designed to do that.
At first all was well, but as time went on criminals began to find ways into these networks across the Internet. Social Engineering combined with highly sophisticated technical methods employed by highly talented criminals with a lot to gain has changed the game over time.
Today, every company that uses technology is now at a growing risk to all these highly motivated criminals. The job of IT professionals is to grow and elevate our skills and methods to meet this challenge. Your job as business owners and managers is to recognize this growing risk and protect your company’s assets and operations from this risk by taking advantage of them and implement appropriate measures as they become available.
Stay tuned for my next article on what some of the measures are. I am going to address these issues in a series of articles. If you need to talk about protecting against these risks today, please call or send me a message, I will be happy to help.
