Recent cases of espionage involving President Dilma Roussef and the US government brought to light a topic and raised concern among businessmen with regard to the so-called security of information technology networks. In recent years the number of interactive applications employed as a network increased exponentially, while at the same time the level of user confidence dropped, largely owing to widespread access.
There are currently not only employees, but also partners, temporary help, third parties. Everybody has access to the system, which is used to move and store very valuable information.
“When we speak of security in an IT network, we have to bear in mind that the world has changed. Tools and hackers are much more sophisticated, and protection also has to be,” according to Matrix COO (chief operating officer) Eber Lacerda Junior. The subject requires businessmen to turn their eyes to what we call managing vulnerabilities, he added.
An IT system’s security is a complex process as it does not involve technology only but also people – hence it depends on behaviors and methodologies. “That is why we speak of logical security, with automatic systems that analyze traffic in real time and detect attempts at intrusion, and the physical environment where my system is installed has to be secure, with restricted access, redundancy and 24-hour support,” he summarized.
Following heated discussions on espionage, concern set in. Numbers are growing of companies that are seeking further knowledge in connection with IT network protection and which the risks that actually occur. According to Lacerda Junior, there is plenty of misinformation on the subject, in particular on email security. “It is not sufficient for a service provider to be located in Brazil in order to be more secure, many other factors should be born in mind in analyzing vulnerabilities,” he explained.
On the other hand, Lacerda warned that it is of no use to be concerned and continue adopting risk behaviors. Only a careful analysis will be able to explain what can and should be done for a company’s network security. “We should never refer to one sole resource or one sole product, but rather to a constant management of vulnerabilities,” he defined.