Archive

Tag: services

Imerja finalist for Reseller of the Year

Feb 15
Imerja News
Network Computing Awards 2011

Network Computing Awards - VOTE NOW

Imerja is delighted to report it has been shortlisted in the Network Computing Awards for 2011 in the category of Reseller of the Year.

This national award recognises excellence in the delivery of solutions, service and support, taking into consideration the ability to deliver real benefits and meet customer objectives in terms of improved efficiency, ROI and investment protection, and cost reduction. 

To vote for Imerja please visit the awards website or click on the finalist logo, and select the ‘Vote Now’ menu option on the left hand side of the screen. Voting closes on Thursday 24th March 2011, with the award presented in April.

Being associated with the award as a finalist is a great accolade for Imerja, and I would like to thank you for taking the time to cast your vote in favour of our nomination.

1 Comment , , , , , , , , Read more

How to make flexible working your friend

Jul 15
Imerja News

Matt Johnson, Operations & Services Director, discusses the IT security issues involved in flexible working

With the tax man clamping down on many of the traditional employee benefits, increased awareness of the environmental impact of business travel and a focus on achieving that elusive work-life balance, a growing number of employers are offering flexible working to their staff and providing remote access to the company’s IT network. The flooding experienced across Britain at the start of the summer and the threat of congestion charging in cities outside London has also led to many business owners welcoming flexibility with open arms.

However, this set up can greatly increase the possibility of a security breach and businesses need to train their employees in how to reduce this risk, as, despite complex security appliances, it is often the relatively simple things that can leave a company exposed.

Passwords are a good example of this. When used correctly, they can have a greater impact on the safety of a company’s data than firewalls and security appliances. However, if people are not taught how to use them properly, they immediately become the greatest weakness in a company’s security system and leave your precious, confidential data vulnerable to malicious intruders.

Simple, dictionary-based passwords can be broken in a matter of minutes with current hackers’ tools, which are widely available to download from the Internet. Using your pet’s name, your child’s name or your favourite football team as a password is little better than using no password at all. Unless a “strong” password policy is enforced to control and limit access to your data, you are leaving your organisation open to abuse.  This means insisting on passwords that are difficult to guess by hackers or crack with computer programmes, such as those with a mixture of cases, letters, numerals and special characters.

The level of security on an employee’s home computer must also be monitored and one of the most common security breaches comes from the use of USB data sticks and disks to transfer information from home to work or vice versa. Even an employee plugging in an MP3 player or digital camera to a company laptop or computer can carry a certain level of risk, and a comprehensive policy should be in place to cover IT systems both in and out of the office. Employers should also provide guidance on the use of peripheral devices so that those working from home do not unwittingly compromise company security.

Flexible working can have a hugely positive impact on staff morale, productivity and employee retention. However, employers should ensure that they have a rigorous network security system in place before bringing in any home-working policy to avoid exposing confidential data to unnecessary risk.

Leave a Comment , , Read more

Online security for business

May 10
Imerja News

Jamie Stallwood, Security Specialist, comments on the importance of IT security to online business

When it comes to doing business online, you can never be 100 per cent secure all of the time but there are simple things that companies can do to help manage the threat to their data. All businesses should be working towards this basic security model in order to limit the extensive damage that can occur if there is a security breach.

When setting up a website that will hold customer information or carry out ecommerce, businesses need to strike a fine balance between usability and exposure threats. The focus tends to be on developing a useable and customer friendly site. However, from a security perspective, this means that more data would be exposed to a hacker, increasing the opportunity for identity theft – not to mention the possible damage to the company’s reputation if the site is hijacked.

For SMEs whose card payment processing is done externally, the main way to reduce the risk is by keeping the information that is accessible online to a minimum. This can be achieved by asking customers to provide just enough detail to identify and authenticate them – a robust username and password should be sufficient. The more detailed and sensitive data is then stored separately, only accessible internally rather than on the web.

Any business that processes card transactions online or through chip and pin is at further risk of fraudulent activity, whether it be local authorities taking direct debit payments, hotels taking bookings online or an ecommerce website. Businesses, such as these, need to realise that if their customers are subject to id theft or data invasions, the problem now lies with them as the merchant. Previously credit card companies and banks were responsible for data protection and dealing with id fraud, but changes introduced in June 2007 mean merchants are now accountable.

“There has been a 50% increase in attacks to online payment sites in the last two years”

One way that businesses can relieve themselves of some of this responsibility is to comply with the Payment Card Industry Data Security Standards (PCI DSS). The industry has been crying out for standards such as these in response to the alarming increase in the number of attacks during the past two years.

However, compliance is more than getting a tick in the box – there is investment involved in identifying the potential vulnerabilities and then successfully implementing appropriate IT security measures to mitigate the risk; but the benefits far outweigh the costs, and with legislation clamping down it will soon be unavoidable.

Although the main cost to businesses affected by web hacking is clearly the loss of customer information, such as through unencrypted credit card details and PIN numbers, companies must also understand the costs associated with brand damage.  Many Hackers could take full control of a site and alter its content, which is not only highly embarrassing for the business but also extremely detrimental to the brand and stakeholder relationships. For example, the reputation of major high street retailers recently named and shamed in the press are likely to be remembered for all the wrong reasons for a while to come.

Organisations need to adopt IT security as part of a strategic and planned investment for the whole business and not as a distress purchase after the event, as by then it can be too late.

Leave a Comment , , , , Read more