Security, now number one priority for modern organizations

With the resurgence of threats, security more than ever is the focus of most business leaders. A single security breach can lead to significant losses in both money and reputation: Customers get angry, business goals are compromised … it is the very survival of the company that is threatened!

To meet these threats, many standards and regulations have emerged and are constantly evolving:

  • GRDP : General Regulation on data protection for individuals in the EU.
  • Sarbanes-Oxley (SOX) : US law designed to protect investors by improving the accuracy and reliability of corporate disclosures in accordance with securities laws and other related purposes.
  • J-SOX : Japanese version of the US Sarbanes-Oxley Act (SOX),
  • HIPAA : American law for the protection of the data of the field of the Health and the privacy of the patients during the computer exchanges;
  • PCI-DSS : Payment Card Sector
  • European Directives on Confidentiality, CASB 1386 …
  • Appropriate computer controls, COSO, COBIT
  • Law N ° 2010/012 of December 21, 2010 on cybersecurity and cybercrime in Cameroon.
  • Etc.

One of the biggest challenges facing the modern business is to comply with these regulatory / legal requirements while keeping their increasingly complex IT platforms operational:

  • Private Cloud / Public / Hybrid Infrastructure
  • Off-Shore Contracts / Outsourcing
  • Consolidation projects
  • The biggest threats are internal.

 

In this context, data becomes a valuable asset to protect at each stage of its life cycle.

Nowadays, cryptography technologies have evolved a lot for data-at-rest protection and data transfer by almost-infallible encryption algorithms AES-128, AES-256, RSA, DSA, etc. which guarantee the confidentiality, authenticity and integrity of the data. Recent statistics show that the most important security flaws are in the « data in use » stage:

  • Internal Threats (Use of High Privilege Accounts)
  • Non-existence or circumvention of security procedures / charters
  • Data thefts and Terrorist Threats, etc.

As a central repository for storage, Databases are more than ever at the center of the security strategy of the IS. Perimeter security solutions, such as network firewalls, are insufficient to protect internal information. The threat environment for organizations has changed dramatically in recent years. More and more data theft and breaches are happening with advanced technologies that hackers enter a network, look for vulnerabilities, and secretly leak data from servers. These attacks may remain undetected for weeks, months, or even years.

TRUSTSYSTEMS puts at your disposal a team of Experts to help you strengthen the security of your SI by aligning it with international standards and standards. Contact us.