I think something that’s really important, really important for you to know. Whether you’re an IT person. Whether you’re an infosec person. Whether you’re a developer coding an application or you’re just a user that uses software built by your company or someone else is that there is always somebody in this world that is trying to get your information. That is trying to break into your accounts. It doesn’t matter how obscure your information seems or how secure your network may seem to be. There’s always somebody out there that is trying to get that information.

They’re trying to get it for their own personal reasons. It may be financial. It just maybe they want to cause malicious harm. The point being is that the philosophy you should take on yourself. There is always somebody out there that is going to try and get into my system and do it harm.

Whether that’s stealing information or whether that’s just breaking your systems. That keeps you in the mindset of this is why the security is important. This is why our IT administrator may say we need to change our passwords every 30 days or that we can’t keep using the same password every time we reset the password.

A lot of these things are cumbersome and difficult and maybe annoying when you come in and you have to reset your password but that is the reason why. There’s always somebody out there trying to get into that account. If you use a simple password or if you don’t employ these kinds of policies on your network. You decide to let users always use the same password, you’re opening yourself up to being the victim at some point down the road.

That can have major, major repercussions with things like financial loss or loss of contracts with companies that you lose data for. Something that South Seas Data strives to do is provide you the most secure ability to do what you need to do while also trying not to impact your user with that security.

It’s a delicate balance of trying to figure out what is the proper way to implement that security to try to meet the policy and guidelines such as PCI but also not impact your business process so much that you can’t actually do the job.

That’s where we’ve had decades of experience in this kind of stuff. Specifically with PCI compliance and, within the last few years, with HIPAA compliance, is trying to figure out what are those policies and how do we apply them to a Windows system is specific or also another case is on Linux as well.

In doing that, we’ve come to have a lot of experience in trying to determine how you should apply those policies to Windows and trying to give you ideas on how to do that properly in systems use such as Applocker. Is that correct for your organization or is it not? Is providing administrative access to a user, is that the correct way to do it or should you actually find a different way to do that.

All of this has to be custom-tailored to you.

We can tell you what things that we think you could do and what things we think might open you up to vulnerabilities from these people that are trying to get into your network always.