Mid-Sized Companies: How Vulnerable Are You?

fire_escape.jpgSecurity is critically important to businesses of any size. However, the security solutions needed for larger small and mid-sized businesses are different, simply because there are more potential failure points where security can be breached. The larger the business, the more robust solution you’ll need. But while mid-sized companies face a lot of the same risks as large corporations, they usually have smaller budgets and IT teams to deal with them.
Web security is a major point of vulnerability for many companies as they do more online – both internally and externally. According to a recent IBM ISS Threat Report, 54% of all security vulnerabilities in the first half of 2008 were web-based.

Last month IBM introduced a new software specifically designed to help mid-sized companies detect their online security vulnerabilities. Rational AppScan Express Edition is an automated security testing solution that enables companies to test for web application vulnerabilities, and gives suggestions on how to fix them. It also has a function that checks for compliance with some mandatory industry regulations including the Payment Card Industry Data Security Standard (PCI DSS) and the Health Insurance Portability and Accounting Act (HIPAA).
IBM also offers an online assessment tool for mid-sized companies to help them identify weak spots in their IT infrastructure. This tool is offered in partnership with the Aberdeen Group market research firm, and is in a survey format that then makes recommendations for improving security based on your answers.
“This easy-to-use online assessment tool can help you to identify the IT Security strategies, capabilities, and technologies used by companies with Best-in-Class performance. The tool is powered by the fact-based market research and advice developed by the IT Security practice at the Aberdeen Group, a Harte-Hanks Company.
In less than 10 minutes, you can:
* Compare your approaches to common IT Security challenges to industry best practices;
* Receive best practice recommendations that you can put to immediate use;
* Access additional resources based on your specific needs.”

Laura Leites, Assistant Editor, Smallbiztechnology.com