Isn't it time businesses got their act together?

  TOPCAT® 17:49 09 Oct 2004
Locked

I'm speaking about the vulnerability of their desktop PCs and networks as the top twenty computer threats are unveiled at the link below.

Most of us in this forum take sensible precautions in protecting our PCs from hacker assault, but it seems to me many businesses either lack the foresight or will to do anything about it. Which probably costs them dearly in the long run. TC.

click here

  LastChip 18:29 09 Oct 2004

Some businesses lack any form of security (in it's widest sense) due to ignorance.

Some are of the opinion, they will patch when someone gets the time to sort it out; of course, that time never arrives.

Some however, are keen to operate in as secure environment as possible, BUT, have bespoke software that is often mission critical and therefore, patches have to be thoroughly tested prior to roll-out. Sometimes, the patches "break" other software, so although in principal they would like to secure the system, the problems outweigh the advantages, and systems remain vulnerable.

It is noticeable that IBM, surly one of the largest IT companies in existence, refrained from introducing SP2 to XP, precisely because they wanted to thoroughly test it first with their other software.

So, Yes. Some companies need a good kick, but for others, it is a far more complex affair.

  Forum Editor 18:51 09 Oct 2004

in a recent edition of ther magazine. It is indeed a worrying fact that many businesses are wide open when it comes to security. They fail to develop an effective security policy, and even when they do it's often poorly implemented or ignored altogether. I'm not just talking about small businesses either - many large companies are quite lax when it comes to supervising their staff's use of the internet.

The reason? Apathy quite often - managers are often not very computer-literate, and they underestimate the scale of the problem. Data vulnerabilities are perceived as something which happens to other companies, and threats always come from outside. In fact, many security breaches are inside jobs, and on quite a few occasions I have been involved in detecting serious security breaches by in-house personnel.

  TOPCAT® 20:04 09 Oct 2004

experience of IT procedure in the office, something I had little knowledge of during my working life. Too busy working 'out in the field' then, but I continue to learn more every day about modern business and its complexities. I glean most from this forum, I hasten to add! LastChip and the FE have just added to this learning.

From what I can gather, when socialising with those from an office background, many company managing directors, or CEOs as they're known these days, worked their way up to such status from accounting and not the shop floor, as of old.

It naturally follows that these people more than others would tend to keep an unwavering eye on the profit and loss account. So, if a company's network security is breached and office/warehouse output virtually ceases for some time, the old balance sheet can soon begin to look a bit grim. I would have expected these sort of bosses to have suitable safeguards already in place, so they can close that unwavering eye when they slept!! TC.

  Forum Editor 13:00 10 Oct 2004

- and I've worked with and for lots of them over the years - is that they are continually whinging about budgets. IT directors have to fight toot and nail to convince the board that they need the money to pay for new hardware/software/staff etc., and I'm often called upon to provide a convincing strategy report - one that will persuade the finance director that we aren't going to spend all the money on trips to Las Vegas. I did once go to Las Vegas with an IT director, but that's another story.

Money's important - it's the reason the company functions in the first place, but I do sometimes feel that funds are denied to the IT side of the business because most of the main board directors can't tell a virus from a Trojan. I often have to make presentations to board meetings - trying to explain the need for large amounts of money to be spent over several years. Sometimes I get a vibe coming back - there's a degree of "I can't understand what this man's talking about, and what I can't understand I don't trust, so I'll play for time". Sometimes I'm contacted privately by one or other of the board directors. They'll invite me back for a one-to-one meeting to "get me up to speed on all this IT stuff".

I'm sure that scenario is repeated all over the country (and beyond) many times. Eventually it will change. Big companies will be run by people who have groen up with computers, viruses, DOS attacks et al, and they'll face the security challenge from a position of knowledge and confidence.

  Sapins 14:51 10 Oct 2004

Ah!, so you spend some of the money in Las Vegas?

  TOPCAT® 10:23 11 Oct 2004

features high on the list of priorities, plus someone in authority having the knowledge and desire to do something effective. There is a price to pay for good corporate security, but the results of a major attack can mean an even greater price to pay without it. I know which option I would take. TC.

  Forum Editor 20:52 11 Oct 2004

Las Vegas was a freebie, I admit, although by the time I left it didn't quite seem that way.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Google Nest Hub Max review

Lena Vargas on bringing life, fun and adventure to her art

iOS 13 release date, time & new features

French Days 2019 : dates, sites participants & bons plans