By Eric Kantner
Security integrators and their clients are constantly sharing information, as most integrators today have remote access to their customers’ systems so they can provide necessary maintenance and updates.
Because of this inter-related nature of doing business, it’s imperative that both parties be on guard against cyber security breaches since a threat to one partner could certainly affect the other.
For all the ease and ability that the Internet provides for sharing data and conducting transactions, it also serves as a constant temptation to outsiders to gain access to personal and business-related information and systems.
And it points out to all parties involved that threats can come in many forms and through many channels. So it isn’t just a matter of adding a firewall and calling it a day, but rather there needs to be ongoing vigilance to ensure your data is fully protected.
So what are some of the steps both integrators and clients should undertake to ensure a cyber-secure environment?
•Secure your customer’s data: Access to your customer’s sensitive data should be limited, and all customer data should be encrypted, especially when stored on laptops and mobile devices. If one or both parties are involved in handling credit card transactions, which can be a target for information thieves, make certain that the software used for transactions meets PCI (payment card industry) standards. And if a third-party handles this for you, review their PCI compliance as well, as PCI-DSS compliance is crucial.
•Conduct regular system checks for vulnerabilities: Undergoing a one-time system check is like going to the doctor when you’re 20 and assuming you’re good for the rest of your life. Ideally, systems should be audited regularly, testing for and patching software problems, scanning for internal and external viruses and shoring up operating systems and passwords as needed.
•Get your employees on board. While the integrator, his customer and the two IT departments may agree on stringent cyber-security principles, if employees aren’t made aware of the steps needed to secure data, it could be a moot point. So be sure to set up rules about computer and smartphone usage as it relates to potential problems such as clicking on unfamiliar links, accessing questionable websites and sharing company information online.
•Realize that not all problems are computer related: Client information on paper that is left unsecured is also open to theft or misuse. Integrators should secure documents that could put passwords, personal information or business data into the wrong hands.
When both integrators and clients take a hard look at their cyber-security measures, all parties involved can rest assured that the systems they are both accessing are as secure as possible.