Many times we get calls for prospective clients wanting us to secure their networks but they rarely call and ask us to secure their people, communications, executive meetings, etc. You don't use a wireless mic in closed meetings do you? They are all concerned about their networks, hackers, phishing and other areas but if I were to attack a company these days I wouldn't come through the door they were expecting.
Your company's security is only as good as the people they have that understand the threats. Instead of SLC Security Services LLC coming in the door, finding and eliminating the threat we take things one step farther. We have to ensure that your security team knows the signs and symptoms of other attack vectors often overlooked....
I'm our upcoming book "The TSCM Challenge" (Available on Amazon, Hardcover and Kindle) in January 2015 we finally have put together a book that we feel is the most important read for your security engineers of this decade. The book with of course cover network security, firewalls, Intrusion Detection, Servers, Workstations, Mobile Devices, Pagers, Tablets, etc, etc. But that's not the main focus of the book. The focus of the book is how to adequately safeguard your corporate data from theft, espionage, intentional failure of programs and concepts at the hands of your employees, loss of intellectual property, the selling of intellectual property to your competitors (yes it does happen and we do investigate this frequently), background checks on employees as well as follow up investigations, policies in the use of facilities as well as personnel matters to include illegal activity, financial issues, etc, etc.
We identify the key threat areas from your personnel, network devices limitations, lack or overbearing policy, treatment of employees, etc. We touch on executive management style and how it can foster a positive work place that makes people want to be loyal to their employers. We look at the psychology of a job and what can be done to eliminate the human threat.
In addition we look at the work environment. Is the workplace, secure, safe, comfortable and suitable for bringing about workers wanting to put in 110% everyday because it's a great place to work. If you have happy employees the chance of an employee selling your ideas and business plans to a competitor is greatly reduced.
Then we look at things like the way you do your job. Are there processes that put company information at risk? Does your company utilize encryption on their email? Do they have locking desk drawers or a secure area to store things in their office? Do you have a shredder in your office to get rid of old confidential documents? These are things that should be available in every office as well as some creature comforts to make your employees comfortable. Once employer replaced all the older chairs with new ergonomically correct chairs and realized that people were working more overtime (and they could because they were not in so much pain).
Do you know the signs of a problem employee. A problematic employee may not show any signs that they are angry with management and may lash out other ways by helping your competitor. Many industries are close knit industries where people of like skill will more than likely know each other outside of work. These relationships can cost businesses if they begin sharing information or talking about their work outside of work. You do have a policy against this right? Oh and you do verify people are following the rules with this right?
We will cover technology old and new in the book and it will be interesting when we delve into these and many other topics. The book will be available via Amazon on 1 January 2015 and will soon be available for pre-order as well. Look for it in January.
The purpose of this page is to provide awareness to individuals and organizations that are leaking information and the information of their customers. The entities listed on this site are verified to be leaking personal information sometimes without the company even being aware. SLC Security is now owned and operated by Jigsaw Security Enterprise. We are currently in process and as such this blog will eventually be taken offline and merged with Jigsaw Security resources.
No comments:
Post a Comment