July 10, 2009
There is a great article on Foxnews.com today about phony wi-fi hot spots in airports, hotels and even in the air. A recent study done by AirTight networks checked 27 airports across the country and found numerous holes. This is a big exposure for business travelers traveling with a company laptop. By logging into a “fake” network, you expose anything you do to the hackers. This could give them access to e-mails, client information, financial information or anything else on your mobile device.
To read the entire article, click here.
June 11, 2009
One of the biggest challenges for IT employees is to get the CFO or CEO of their company to approve a large expenditure to secure their network. Whether it be the purchase of software to monitor rogue wireless access points or setting up a back up data center, it’s difficult to get approval. The first question most upper level managers want to know is how will this make the company money.
The answer to that question is simple, IT WONT! But it will save you a lot of money and headaches when you are able to prevent a data breach from happening. In most cases of data loss, something could have been done to prevent the breach but the appropriate security protection wasn’t in place. Hopefully as Washington puts more pressure on businesses to secure their networks, upper level managers will become more willing to spend money to do so.
June 1, 2009
One of the biggest roadblocks to the emergence of Data Privacy insurance is it’s cost. I believe the challenge in pricing the coverage correctly comes from the underwriters difficulty in grasping the overall data and network security of a business. In talking with businesses, it quickly became clear to me that there were a few characteristics that set a business apart from it’s neighbor in the area of data security. If I can find enough businesses that demonstrate those cahracteristics, I believe we can estable a “premiere” risk class and get competitive pricing on data privacy insurance.
I met with one of those “premiere” risks today and wanted to point out a few of the characteristics that makes them a leader in Healthcare IT Security.
- They have software in place that will detect any rogue wireless access point
- The have policies and procedures when any change is made to a firewall, router, or other piece of network hardware
- All systems are scanned on a weekly basis and they hire a 3rd party to attempt to penetrate various systems on a continuous basis
- Employees are trained annually on protecting sensitive information
- Their data is all stored and backed up in a Tier 2 data center which will become a Tier 3 center in the next year
These are just a few things that I believe a business can do to help establish themselves as a “premiere” data privacy insurance risk.