Last week, the online support forum of a popular antivirus company AVAST Software was hacked as announced by the company’s CEO and about 400,000 users’ login names, passwords, e-mails were compromised :
Now, AVAST is labeled as a “security vendor” and I believe the general impression of the public that as a company that specialized in computer “security”, it should not fall victim to computer security issues such as hacking.
However, computer “security” is a broad subject as it covers equipment or data theft, alteration, corruption, destruction, encryption, unauthorized access/intrusion, and other aspects in computing.
For any company to carry the proud label of “security vendor” is weighty when the public has a expectation that the company should be well rounded in all possible security aspects and the company reputation may suffer when such expectation is not met.
This sounds similar to the public misguided expectation that a “computer programmer” should be able to program all kinds of computers ranging from your regular desktop PC to your smartphone and maybe even your computerized washing machine or microwave oven.
I still identify AVAST Software as an antivirus company that secures your computer against malware, and not as an all rounder software security specialist that able to stop anything dead on its tracks from obtaining unauthorized private data from computers.
To have a computer programmer capable of programming every kinds of computer is superhuman, but to have a company capable of securing its private data is not.
Identifying security threats and taking preventative measures should be a focus of any businesses regardless of its industry or strength.
You may heard of the saying that “A chain is as strong as the weakest link”, therefore if the company finds a weakness that cannot be addressed on its own then they should turn to alternatives able to remove the weakness to avoid the red face of being caught unprepared and experiencing loss of reputation.
So, if you want your private data to be secure then you need to have security solutions to :
- prevent virus attacks that causes data corruption by using antivirus software.
- prevent data leaks to spywares by using anti spyware/malware software.
- restore data such as data backup software.
- scramble information transmission through e-mail by using e-mail encryption.
- prevent unauthorized data access by means of software access policy implementation (changing passwords regularly, restricting available data) or implement data encryption on the physical storage media.
- destroy sensitive data when the equipment or storage media is stolen by using a remote wipe software.
The security checklist could be long and tedious, but the more aspects it covers then the lesser ways that private data can be compromised.