Preview Mode Links will not work in preview mode

Business Built Freedom

Joshua is a late 80’s vintage and yet to mature. He is a living case study that you don’t stop at failure and more failures lead to success. The constant learning and listening have led Joshua to the position He is with the energizing approach towards business and relationships. After setting up 4 successful companies over 19 years he decided it was time to give some of his knowledge back. You are likely to catch him on the water on a sunny day with his family and friends or building something new and exciting at home on a rainy one.

Jun 18, 2019

Security Through Obscurity is Not Security at All

I started thinking this a little while ago about how far the world has come and going back into the days of my first job, yep, many, many moons ago at Jaycar. I was thinking abouthow many people paid and their PIN number was on the back of their credit card or on the back of their key card. I thought, oh my goodness, that's not even an obscurity, that's not security at all. You might as well use a chisel to lock your door. It doesn't make any sense.

Learn more about Business IT Security:

Security is Everything

The biggest problem you can face is you don't even know if your business is secure or not unless you're in the game. You need to make sure that it is secure. You want to make sure that things aren't being taken away and that those little bits of ease aren't at the expense of security. I'm sure your IT companies have told you this before, but if you want to have everything completely secure, the most secure network you'll ever find is one that has no people on it and no connection to the internet. When I was doing some support work for a school of 1,200 machines, I can comfortably say that during the school holidays after I got everything working, nothing broke, everything just kept working. It was great, but it's not a usable system.

Stay Flexible

If you have everything completely locked down and nobody's able to touch them there's no point in having them. There always has to be a bit of flexibility and that's where you need to make sure that you're staying secure, because flexibility comes at a risk if it's not done properly. If you're connecting into your workforce from remotely you should be using a VPN or something to connect in that would connect to your phone, such as a two factor authentication.You want to make sure that you have great security in place. This goes on premise as well.

Lock it Up With Good Quality Locks

You can go down to Bunningsand you can buy a cheap lock. One of my sort of side hobby that I've done in the past to pass time and get my mind away from the analytical thinking and more towards a creative, physical thing is lock picking. It's quite a hobby andit's quite interesting. It was surprising to find, when I went over to my mate's house, his parents had just built this beauty of a home, maybe 1.6 million dollar home near the water and it looked quite nice, as you'd imagine. The home was so fresh, that grass, you could still see those lines where the turf had been rolled out. We couldn't get into the house. His parents weren't home and his parents didn't have a hidden key or anything like that, again, security through obscurity. They said, "Look, we just have to wait for us to get home, we'll be home in about two hours." I said, "If you don't mind I'll just use my lock picking set." I opened the door in about 10 seconds and that comes down to shitty locks. You can't have bad locks on your doors. You've got to have good locks, you've got to have good security, otherwise you're only keeping out the honest criminals. That's what a lock is and that's what a lot of security is around IT practises.

Get An Audit

These people have just popped in antivirus solutions and they've turned a small network into a bigger network. They're still running a mumand dad practise, butthe business is now turning over sizable income and wouldn't be able to have the downtime that was associated with a mom and dad business. Have a look, get an audit. Get someone to jump in and audit your business. You'll be surprised at what they can find, anything from security patches missing, old router firmware that needs to be updated, old wireless protocols that should be disabled or even things that let them get in because you don't have the correct types of encryptions with any of the resources that you are dishing out remotely.

What About the Cloud?

Some people think, "I'm in the Cloud, I don't have to worry about security." Well here's a big, scary notice for you, you really really do more than ever if you're in the Cloud because now if someone's breaking into your shit, you can't even unplug the cord and get away from them. You have to just sit there and let it happen. How terrible is that? That is of course unless you've got the right processes in place.

The Final Word

Have talk to your IT company and see what they can do. Security should be your number one priority. Remember that security through obscurity is not security at all. Stay good.