SBA * Consulting LTD - Part-time or Interim CFO's   SBA * Consulting LTD

               Financial Growth is Good
  • Let us help you grow
  • Let us be your Chief Financial Officer
  • Home
  • About
    History Recommendations Sales Literature
  • Consultants
    Regional Offices Alpha Order Practice Area
  • Press
    Current Articles Letters to the Editor Written about SBA 2003 and Before Newsletter Research
  • Jobs
  • Services
    Accounting System Implementation Business Plans M & A Rates Real Estate Relocation Services Service Offerings Term Sheet Turnarounds
  • Blogs
    SBA Blog Twitter Daily
  • Contact
    Information Management Regional Offices

Protecting yourself and your client against bombs of logic

By Wayne Spivak,
Contributing columnist
Var Business Web Site, March 16th, 1998

If one were to take a straw poll and ask 100 computer users what the number one major computer security threat was, the Internet would likely be at the top of the list.

But that perception is wrong.

The number one computer security threat facing a business today is employees and contractors working at the company. Many companies don't have administrative passwords, and if they do, those passwords are so easy to crack a 3-year-old could figure them out.

Take a look at a recent incident reported in all the major trade magazines, as well as in the general press. A former System Administrator was charged in a Federal indictment of planting a Logic Bomb in the computer system of the company where he was employed. This bomb went off, causing an estimated $10 million in damage. The only unique fact of this case is that the public found out about it; employee malice is a daily event.

What can VARs do to protect not only their clients, but also their companies? And why do I say protect your company? Because when that security breach happens, everyone in sight is going to be sued. Moreover, since you are the VAR, you will be the first in line. So what can you do?

Insist that as part of the services you provide, a security analysis is undertaken. Perform a preliminary security analysis, and don't forget to charge your client. Odds will have it that you can find at least 10 security breaches.

Make written recommendations to the client on how they can fix those breaches (e.g., selling them more Value Added Services). One of those recommendations, if deemed necessary, is for your client to hire a security consulting firm. At the same time, you should have the client's principles sign off on the report. Add a paragraph stating that you have informed them of security breaches, including your recommendations and noting that no system can make their computers breach proof. M ake sure that the client knows that you can never bullet proof a computer system, but with a disaster recovery plan you can do every thing necessary to prepare for the disaster.

Wayne Spivak is president of SBA Consulting, an IT consulting firm in Bellmore, N.Y., and SBA.Net.web, an Internet and Web consulting firm.

 


SBA * Consulting LTD
Corporate Office:
2711 Bellmore Avenue, Bellmore New York 11710-4319
©1995 - 2012

Tel No:
NY:+1-212-487-5085
LI: +1-516-353-9155
CT:+1-860-760-0250


View Wayne Spivak's Profile on Focus.com
 Info@sbaconsulting.comSCORE Small Business Administration SBASCORE Small Business Administration SBA
 Trademarks
FaceBook
SBA.NET.WEB