Cyber Security for Professional Services

Cyber Security for Professional Services

Is secure Internet access a mistake? I contend that in most cases, the answer is yes; and in Professional Services, always. In the rush to join the “digital age” 20 or so years ago, security took a backseat. The fear that some competitor would get an edge in this new future drove decisions. Rather than consider how, where or even if data and access should be available via a browser, the decision was made to move forward. Dollar signs led the thinking. “The tech guys will figure it out.”

The business side's failure to understand the implications of possible data losses and their overconfidence in the “tech guys” to provide security in a public arena were their biggest mistakes. The question back then was "What is the likelihood of a breach?" not "Is a breach possible?". Professional Services operated under “breach acceptance” from the moment they decided to move secure data to the Internet

The question that should have been asked in the boardroom before the “tech guy” was ever called was: should we join the digital age and how? The business analysis that they should have done was this:

  • Does the organization need a website?  Obviously, yes.
  • What should be the website’s function?  A website is a public access location to an organization’s data used to attract clients. Marketing, promotional, informational and other public data belongs on a website. This information does not need to be secure so a browser is acceptable.
  • But there was one more question these organizations needed to ask then - and now: Is there any secure data available on our website? Which client’s data should be at risk in the public arena? (If the answer is “all of them”, keep a portal in the “Browser-Dimension” and do nothing.)

The browser is provided for “FREE”! Not out of altruistic motives but because they make money from advertising and data mining. If the browser is tracking and storing data related to activity, all client's secure data is available to the browser provider to be used as they see fit. Secure and public are mutually exclusive.

Public email has become the preferred method for transferring some of the most sensitive business and personal data. However, Secure client communications should not pass through a public browser-based Internet. Organization/Client communications are not secure over email, even encrypted. Anything sent by public email is exactly that, public.

The bottom line is this: anything placed in the browser-based Internet that cannot be replaced with a simple format and reinstall of the organization’s website is too much data stored at this location.

The browser-based Internet is not and cannot be secure, because effective data security cannot take place in a public environment. Any organization deploying browser-based technology to provide access to private data is taking a risk with their client’s secure data.

The 2005 breach of AOL was a wake-up call that was ignored. Breach acceptance became the standard rather than breach prevention. Until business owners step back and look at the problem clearly, cyber security will never be achieved. The Internet will remain uncontrolled and "secure" data will continue to be compromised.

Browser-based access is one model or dimension of the Internet. I have started calling it the “Browser-Dimension” because it best describes the way the Internet is currently being used. Cyber Safety Harbor has put forth a multi-dimensional Internet solution that removes secure data from the Browser-Dimension.

If your business is built on secure data, that data should be in your own private Internet-Dimension with private access. Cyber Safety Harbor is here to help you achieve just that.

The Browser-Dimension is based on acceptable risk; Cyber Safety Harbor believes that the risk of an open, public environment is no longer acceptable. A private Internet-Dimension with a portal that comes into existence only when in use changes uncontrolled access to secure access.

Professional Service providers should perform public communication in public and client communication in private. Cyber Safety Harbor has just released its “Cyber Security for Professional Services” white paper to present Active Access Control for your Organization’s and your client’s highly sensitive data.

Cyber Safety Harbor, Your port in the cyber storm

Cyber Security for Professional Services- White Paper

To view or add a comment, sign in

Insights from the community

Explore topics