Not so long ago, security was only a small part of a company’s IT strategy – back in  the days of dial-up, ISDN, and on-deamand connections, security was not deemed a necessity rather it was an “option”. Hacking was performed mostly in closed underground communities, and targets were mostly compromised for bragging rights, and for the most part went unnoticed by the general public.

Today, both customer and personal data seems to be the desired target. Incidents make news headlines on a daily basis and everybody is talking about viruses, ‘bot-nets’, ‘trojans’, and hackers. Incidents like these can change the public view of a company overnight, and the stolen information can be used for malicious purposes – affecting people young and old across the world. No one is safe!

Despite the aforementioned, there seems to be countless people in middle and upper management that believe that ‘having a firewall’ is the  “end-all solution” and is enough to stop even the most determined hacker. Even more dangerous, are ‘IT Administrators’ that preach to employees that their anti-virus software will keep them completely safe. Nothing is further from the truth.

Best practices  require multiple layers of security, virtual, physical and even social. Are you safe? Can your organization honestly say that you have a complete, 360 degree security solution and practice implemented? Do you know if it is being maintained ?  Who is watching your security to make sure you haven’t been broken into? How can you be sure that you are?

Just enough security, is not enough security.