mesh jots

By Ramesh Rajandran ( published in News Straits Times – Tech&U )

Computer and online security is a serious concern for businesses of all sizes today. While the IT departments retain the primary responsibility for ensuring information security, the impact of an attack will affect the entire organisation - both as direct costs of repairing the damage, and as indirect costs that are incurred when corporate resources are interrupted.

To make matters worse, network threats have moved from predictable front-door attacks to more widespread and sophisticated assaults. Information security issues can be as diverse as virus or worm infestations, denial of service floods, spyware, automated Internet attacks or outright theft - the result of which is lost information and lost time. Improving security can seem complicated, though, and it's often difficult to figure out where to start.

Without implementing adequate protection, companies are at risk of having their operations critically disrupted. At the very least, online attacks can have a negative financial impact on businesses - from employee productivity loss and higher bandwidth, to unauthorised access to critical information. Furthermore, vulnerabilities create opportunities for people (competitors) to steal valuable data, (such as trade secrets or confidential customer information) that can severely damage a company's brand and reputation.

In Malaysia, The National ICT Security and Emergency Response Centre reported a total of 1372 internet security incidences in 2006, a 60% increase from 2005. Despite this, many businesses still spend less than 1% of their IT budget on information security.

Imagine if your computer systems were unavailable for a week. Imagine if you lost all the data stored on all the computers in your company. Imagine if your biggest competitors were able to get a list of your customers along with sales figures and sales notes. How long would it take before you noticed? What would these breaches cost your company? Could you afford these losses?

The role of security has gone far beyond just manning entry/exit points and password administration; it now covers surveillance, threat mitigation and risk management. We work closely with our local partners to educate business customers that security is no longer merely a technical issue, but a vital component of business success that affects the company's commercial results, employee productivity and customer confidence.

"Most companies don't understand and value the importance of securing business information until something happens," says Ariffuddin Mokhtar, Director of System Integration Services at VADS Berhad. "One of the reasons for this is that many IT executives and consultants don't present security issues in business terms. They need to understand the business, its drivers and its objectives. Tie security to these business aspects and illustrate this relationship to management.

Many local companies believe they do not need to worry much about business information security. After all, they reason, who would want to target my business when there are so many bigger fish out there? But from our experience, no company is safe from these problems. There is malware that targets products from virtually every software vendor. Every business is vulnerable to the risks that come with unauthorised access to corporate information.

It seems like common sense. You wouldn't leave your home unlocked at night. The same is true with information security, and a few simple steps can help make you a lot less vulnerable. Luckily, securing your business is easier than you might think.

Microsoft's Commitment

Microsoft is firmly committed to improving our customers' experiences on the Internet. The recently launched Microsoft Forefront comprehensive suite of business security products provides mid-to-large size Malaysian organisations greater protection and control over the security of their network infrastructure.

Microsoft Forefront security products easily integrate with each other, with the organisation's current IT infrastructure, and can be supplemented through interoperable third-party solutions, enabling end-to-end, defence-in-depth security solutions.

Simplified management, analysis, and deployment enable IT professional to efficiently protect organisation's information resources and help secure access to applications and servers.

With highly responsive protection supported by Microsoft technical guidance, Microsoft Forefront helps IT professional confidently meet ever-changing threats and increased business demands.

The products current available under the Microsoft Forefront suite of security products:

• Microsoft Forefront Client Security – provides malware protection for business desktops, laptops and server operating systems that's easier to manage and control.
• Microsoft Forefront Security for Exchange Server – helps businesses protect their Microsoft Exchange Server messaging environments from viruses, worms, and spam.
• Microsoft Forefront Security for SharePoint - manages and integrates industry-leading antivirus scan engines to help provide comprehensive protection against the latest threats, inappropriate content, and disclosure of confidential information