Associate Dan Vassallo called attention to an overlooked aspect of security this month when his article “Employees May Be Bank’s Weakest IT Link” appeared in The Commercial Record, a Warren Group publication geared towards the real estate, banking and lending, and construction and development industries in Connecticut. The article, which appears on page 35 of the June 2011 issue, discusses the threat of social engineering attacks on banks and offers tips on preventing hackers from obtaining confidential information. Vassallo, who holds the CISA and CISM certifications from ISACA, advises organizations to limit internal access to high-level information, set up effective spam filters, and enforce security procedures consistently, all of which are simple yet often overlooked security measures. He concludes that “strengthening the human element of information security through organization-wide commitment to awareness, diligence and strict policy adherence is as important as having a well-maintained perimeter or strict network standards.” Vassallo’s article can also be accessed by subscribing to the Commercial Record website.
The information security practice at GraVoc Associates, Inc. provides IT assurance, consulting, and audit solutions that will help businesses secure confidential data from malicious parties from both the outside and the inside. For more information regarding GraVoc’s services, please visit www.gravoc.com.