With the horror of the Sony Pictures breach unfolding in slow motion before us, we are reminded that operational security – OpSec – is absolutely key at any company. Whether or not you traffic in high-value data, the expectation that your servers are secure enough and that your data is worthless is foolhardy. You will be compromised and it will hurt.
The primary vector for the vast majority of attacks is email. If your IT department and firewalls are working correctly, the chances that you will be hacked in your back end are low. It will happen, but the juiciest stuff is in your email archive. It is in email where your employees converse, where you trade credit card numbers and passwords, and where all the damaging one-off notes end up. In short, we’re all idiots for trusting email at all, but there are ways to reduce that idiocy.
Here are two major steps you can take to make your company more secure.