New security problems for companies

PRESS RELEASE
Lume Ltd

13 August 2012

Cloud technology and remote access causing new security problems for companies

Many New Zealand companies may be exposed to serious IT breaches because they fail to updatetheir remote access systems after employees leave.

Richard Cheeseman, managing director of IT and telecommunications managed service integration company Lume Ltd, said independent audits by his company have revealed a worrying frequency in the number of companies with this vulnerability.

"We find that many ex-employees and suppliers can still access the networks of companies – either via virtual private networks (VPN) or through the 'cloud – long after their association has ended.

"Most New Zealand companies, being relatively small, don't have dedicated IT Governance or a policy and procedures manual that is kept up to date with fundamental changes in the business environment, including cloud and mobile technology.

"It's not just technology. The way we are working is changing too, with more and moreemployees requiring secure remote access to a company's network, whether its because they're working from home or are on the road a lot.

Mr Cheeseman said updating remote access security protocols should be a part of business policies and procedures manual and somebody within the company should be given direct responsibility for ensuring it happens.

"It is also likely, particularly with employees, that their mobile phones, tablet computers and even home PCs have automatic exchange access to company email. That access should be removed when they leave.

"In the past we had physical security. Now the 'heart' of a company's operations are virtual, which brings with it a whole new way of having to think and act about these things.

"If we can't see it or touch it, we tend to neglect it and this can be extremely dangerous.

“For example, what's to prevent a disgruntled employee or supplier sending defamatory or nasty emails to all your customers? What's to prevent them ordering supplies if you have a credit account (it's easy to change the destination address)?"

Mr Cheeseman said that Lume Ltd was recently established because there is a growing gap in IT governance.

"Due to the growth of increasingly complex, cross platform technologies, the need for multiple suppliers and diverse IT and telecommunications platforms, more and more company's are finding themselves bewildered and overwhelmed.

"Managed service integration means we take the role of an internal IT manager to manage the various technology functions of the company, because we have the necessary expertise to help companies make good strategic decisions about their technology.

"We carry out management and oversight of the whole IT and telecommunications environment," Mr Cheeseman said.

Ends

© Scoop Media