Design firms may not seem like prime targets for hackers, many of whom are after sensitive, personal information, etc., but this assumption can be dangerous for architects and engineers. Intellectual property must be kept secure, and the threat can come from outside hackers, as well as from employees.
As detailed in Schinnerer’s most recent issue of Constructive Comments, the “(t)he Federal Trade Commission (FTC) has developed cyber security principles in its Start with Security: A Guide for Business. The publication’s guidance is based on the FTC’s data security settlements. Lessons from more than 50 FTC cases show how companies can improve their cyber security practices.”
The guide breaks the strategy down into the following ten steps:
1. Start with security.
2. Control access to data responsibly.
3. Require secure passwords and authentication.
4. Store sensitive personal information securely and protect it during transmission.
5. Segment your network and monitor who’s trying to get in and out.
6. Secure remote access to your network.
7. Apply sound security practices when developing new products.
8. Make sure your service providers implement reasonable security measures.
9. Put procedures in place to keep your security current and address vulnerabilities that may arise.
10. Secure paper, physical media, and devices.
Access the PDF version of Start with Security: A Guide for Business here.