ISM

OUR BALANCED APPROACH

Do you and all your staff realize that the basis of information security is employee awareness, and no complex software or physical protection measures will work without the participation of everyone in your team?
Do your employees know what kind of information they have and are there clear instructions given to them on how to store, copy it and with whom to share it?
Do they know who is the owner of certain information and whom to ask for permissions about it?
Do your employees know how to recognize very basic malicious email messages and do they understand which files should not be opened and why?
Do you realize that most information security incidents occur from within the company, with the unconscious participation of employees who, through negligence (due to lack of training!) run malicious code or share information without checking?
If some your engineer receives a call from high-ups at headquarters and they ask him to send latest blueprints to an email address ended @gmail.com, are you confident that he will doubt the authenticity of the call and demand additional confirmation?
Are you sure that there are no cases of “tailgating” in your company? (physical security breach whereby an authorized individual lets an unauthorized person to follow him into a secured premise, usually happens as a “courtesy” to a colleague or a stranger)

The false idea among employees that information security is based solely on complex programs and incredible AI algorithms and that hacking occurs as shown in the movies is a threat to the security of your enterprise!
In many countries where technology is not developed, security is based solely on the attentiveness and suspicion of people – this works great, and it is not known whether modern complex IT systems are more effective (probably not!)