Page 54 - Cyber Warnings
P. 54
Cautionary Tales
If you’re a corporate treasurer, be very careful about using your home computer or your mobile
device. If you’re in an airport, for instance, you might inadvertently login onto a Wi-Fi that looks
legitimate – named something like “Lagardia” or “Heatrow” – and send critical data to a hacker
for a man-in-the-middle attack.
Again, going back to the human element, remember that terminated employees aren’t fully
terminated until they no longer have access to any of your systems. When you dismiss
someone, you shut off access to the internal network. But do you use one or more cloud-based
services? If so, someone has to go out and delete the departed individual from every one. It
takes some extra work and doesn’t happen automatically unless your cloud provider’s web
services offer to disable terminated users’ accounts.
Once more to our castle analogy, we find that cloud computing might just allow potential
invaders to glide right over the castle walls and drop in from the sky. You still need vigilant
sentries to spot them. You’ll need to give the sentries some accurate, long-range crossbows to
nail them even before they land.
Or maybe we’ve had enough comparisons with the Middle Ages. Let’s move into modern times
and sum it up by thinking of cyber-security as we think of that great American game, football.
They say that offense wins games but defense wins championships. And what do you need to
build a champion defense?
• A well-thought-out game plan – your security policies and procedures.
• A defense-in-depth consisting of big strong linemen, heady and agile linebackers,
and fleet defensive backs – your tightly controlled admin rights, robust passwords
and identity management, and two-factor authentication.
• And most importantly, your players – talented, well prepared, and thoroughly
drilled. The entire squad, from the highest-paid starters to the least-used
substitutes. Your employees. They’re the ones who do the work; they’re the
ones on whom you rely.
About The Author
Mattew Stockham currently oversees GTreasury’s product development, technical support, and
IT operations. He has over 17 years of experience in development and technology and
continues to be an asset to the growth of GTreasury. Matthew can be reached online at
[email protected] and at our company website https://gtreasury.com/
54 Cyber Warnings E-Magazine – March 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide