Newsletter May 2006

Security, or, Even Paranoids Have Enemies.

Security or Even Paranoids Have Enemies

Lately, we've been thinking a lot about security, for two reasons. Like most of you, we're aware of the stories of stolen and missing data that constantly hit the mass media - not to mention the computer-industry media. And on our own projects, security concerns that didn't even exist two or three years ago are now front and center. That means that if you used to be content when your checks printed and your ledger balanced, you should start worrying about firewalls* and outside hackers. Security needs to be a part of EVERY application you use.

1) Three Basic Questions

Unfortunately, security is a huge subject, and often businesspeople don't know the right questions to ask to make sure their companies are protected. To help you secure your data and sleep better at night, we'd like to ask you three questions. It's not difficult; if you understand the importance of shredding certain documents and strictly controlling the release of employee personnel data, you should be able to understand the basics of corporate data security. Here, then, are our questions:

  1. Can someone walk in without asking?
  2. Do you know what walks out the door every day?
  3. Do you know what you send out the door every day?

2) Can someone walk in without asking?

Let's consider the first one. Can someone walk in without asking? Even if you're a small company without a receptionist, you don't let people in the door unless you look through the peephole first (at least not if you live in New York). But when it comes to data, people can get in all the time.

First off, there's the obvious specter of the network hacker, some guy out there in cyberspace who gets into your company's system by way of its Internet connection. Now, maybe you're saying, "But we have a firewall." That's great. Our question to you: Have you ever had anyone try to get through your firewall? Just as financial reports can be written incorrectly, firewall setup can be done incorrectly. The difference is that businesspeople can check reports, but they generally can't check if a firewall is working. So if you've never had your network tested, you should do so now.

Second, you should be aware that your public-facing Web sites may be hackable even if they're password-protected and encrypted. Has anyone ever actually conducted a test to make sure that no one can get into the network?

Third, companies often forget to deactivate the accounts of former employees on their systems. It's an obvious mistake, but it gets made all the time. What's your procedure for shutting those accounts down?

We'll talk about the other two questions next time. But if we've made you anxious or concerned, give us a call, and let's see how you can feel confident again.

* Briefly, firewalls keep people outside your home or office from getting to your computers through the Internet. Back.

Red Three Consulting: Transforming Information Technology into Answer Technology

So, what if you really can't do something?

Fundamentally, many people spend ages getting complex systems to work, but then can't get any information out of them. Often this results in them blaming the system as insufficient and thinking that their very expensive investment just wasn't worth it.

It's All About the People: A Pop Quiz

We want to insist that above all, what makes IT fail is a lack of communication and shared understanding.

Opening the IT Black Box, Part 1

Lucky for us, many people are unhappy with the technology that runs their business. This unhappiness manifests itself in many ways-they can't serve their customers properly, they can't get the information they need, or maybe they just can't sleep at night because they have no certainty that anyone really knows how their systems work.

Archives

Red Three offers:

  • Accounting System Support (Lawson, Oracle and many others)
  • Multi-System Reporting
  • Legacy Integration & Optimization
  • Business Intelligence