The Importance of Security Considerations
Security is usually seen as being contrary to usability, and as such is often forsaken as a cost saving measure. Trading security to save training and implementation costs may seem like the right choice at times, but when the inevitable breach occurs, the damage to the reputation of your business, and the relationship with your customers, has an almost incalculable cost. The importance of information security grows each day, as the threat of cyber terrorism increases, and more consumers are demanding that their personal information be treated with care and respect, you cannot afford to remain idle. Information security is the contrivance of confidentiality, integrity, and availability; ensuring that you private data is not disclosed to unauthorized entities, altered and/or damaged in any way, or unavailable due to hardware failure or concerted attack has become mission critical. This protection must encompass the entirety of the information processing system, from the servers and storage networks, down to the notebooks and mobile devices that may contain or have access to sensitive data.
The stratagem for any security system should be defense in depth. Illustrated below is an example
of an information security defense architecture that NearSource IT can implement for you.
Secure VPN Services
Our VPN services can be provided through hardware deployed at your own site (requires a compatible connection and ability to change firewall infrastructure), or can be hosted at our facilities, allowing employees who are out of the office using connections at home, in a hotel, or on publicly accessible wireless connections to be confident that their transactions are secure. The third option is a blended solution of the two, using a VPN endpoint hosted at our facilities with a connection to your site, so that employees outside of the office can access your corporate resources in a secure manner.
Augmented Encryption for Insecure Services
Not all services provide the ability to have their transactions encrypted, this is especially true of legacy systems. Any service that does authentication or any other sensitive transaction in the clear is a potential source of disclosure. These services must not be allowed to continue running unencrypted traffic across your network, as they are vulnerable to disclosure, replay, and man-in-the-middle attacks. The "Augmented Encryption for Insecure Services" system can provide robust end to end 256bit SSL Encryption, as well as identity verification to ensure that your transaction is not being intercepted or altered. As an alternative, secure tunnels using AES or Blowfish encryption are also available.
Page Generated in 680ms