• Blogs
  • IT Security in Plain English
Articles

IT Security in Plain English

Buzzword #1 – Cloud Security

Let’s start with probably the buzziest buzzword of them all, the cloud. The cloud is simply used as a metaphor for “the internet,” so when we talk about the cloud, we’re referring to the types of internet-based services, such as applications or storage, that are delivered to your organization via the internet instead of a server that you own and manage in-house. Like most technologies, the cloud trend started in the enterprise world, then shifted to small businesses, and today is just as frequent in our lives as actual vapor-filled clouds. Now, when talking about cloud security, the conversation moves away from the overall architecture and delivery of services, and concentrates on the policies, technologies, and controls put in place to protect your company resources. These resources can include private data, proprietary applications, and any and all infrastructure you have connected to the cloud. Cloud security refers to the software-based security tools used to monitor and protect the flow of information into and out of all your cloud-connected resources.

Buzzword #2 – Phishing

Not to be confused with the enjoyable pastime of fishing, phishing is a digital practice by malevolent anglers looking to catch and hook you. In phishing attacks, online thieves use fraudulent emails and websites as the bait in order to steal information such as your company data, passwords, and customers’ credit card numbers. And just like that shiny new popper fly in your tacklebox, phishing schemes use very convincing bait. Emails and websites that look almost identical to, say, your bank, vendor, or favorite social network are designed to fool you into clicking a link or revealing personal information. And once you click, it’s already too late. Even when you’re being vigilant at all times, it can be extremely difficult to bat 1.000 in spotting every phishing attack. That’s why companies utilize internet security software equipped with two-factor authentication and spam and phishing filters to keep them from being hung out to dry.

Buzzword #3 – VPN (Virtual Private Network)

There’s never a shortage of acronyms when it comes to internet technology, but VPN is certainly one of the more common ones relevant to your business. A VPN is what enables you to create a secure connection to your corporate network over the internet. VPNs are often used to access your company network while you’re traveling or working remotely, encrypting your data so it is hidden from the local network used to establish the connection (especially important when on a public or unverified Wi-Fi network). Once authenticated, a VPN allows you the same level of access to business applications—it’s just as though you were sitting in the corporate office.

Buzzword #4 – Firewall

Like a physical wall, a firewall is designed to restrict access to unauthorized visitors. But instead of bricks and mortar, a firewall is made up of software that provides a set of rules about which data packets can come and go from your network. Firewall architecture is changing due to new network technologies and traffic patterns and becoming more sophisticated. Today’s firewall is an entire platform for not only securing traffic flow but also for analyzing and reporting it. Additionally, firewalls today enable a whole host of different security features and functionality to stand guard over your company’s data.

Buzzword #5 – Managed Security

As we’ve only briefly touched upon here, the digital realm has no shortage of sophisticated threats and complex solutions. To ensure they are keeping up with optimal security strategies, many companies outsource their digital security to Managed Security Service Providers (MSSPs). Managed Security refers to comprehensive IT security services delivered by a trusted third party on remotely managed appliances or devices that are simple to install and run in the background of company computers and servers. Managed Security is a popular service model for non-enterprise companies that do not employ full-time IT security experts but still wish to benefit from vital services, including intrusion detection and prevention, content filtering, and anti-virus.

The More You Know…

As we warned at the outset, diving into the information security waters is oftentimes closer to wading through a sinkhole than a swimming hole. But hopefully we’ve provided enough context to help keep your next security convo on track and allow you to follow up with the appropriate actions versus just blank stares. When in doubt, it’s always wise to consult a security professional for assistance or services to help you protect your email, internet, data, devices, and/or entire network.
this is the content