With the focus on the confidential content of electronic conversations, these assaults are now much more personal than ever before. This ought to give us reason to learn some pertinent lessons.

First Lesson - No organization is safe

Despite the high-profile and large-scale nature of this recent hacking incident, there is still the wide-spread attitude among organizations that this won’t happen to them, that they are somehow excluded or safe from similar breaches. These careless attitudes are particularly widespread among American corporations. No longer - the Sony hack has sounded a cloud and clear alarm with widespread reverberations.

Sony is not alone though with this apparent easy-going and casual attitude towards data security; experts observe the same negligent approaches in many other organizations, where many that display exactly the same type of security issues which lead to the Sony breach. The imminent danger is that copycat hackers will attack exactly the same security holes that already compromised Sony. Every day, employees send and receive confidential and potentially delicate or strategic corporate knowledge , data or commentary via emails or other forms of exchange without the required encryptions and other security measures.

Second Lesson – Humans prefer things to be simple and easy

Effectiveness vs SimplicityIt’s an important fact that data security ought to be simple and straight-forward. The ubiquity and pervasiveness of email, SMS and the likes for our everyday communication needs means we often neglect even the most rudimentary security measures and practices… it ought to be obvious that passwords or credit card numbers must never be shared via unencrypted emails…and yet many of us still do. Despite most of us understanding the real risks of such practices, we ignore this knowledge especially when acting prudently and safely requires us to jump through too many hoops. It’s human nature to make every day repetitive tasks as simple and pain free as possible.

Because of this ‘sloth’-like aspect of our nature, the user-friendliness of data security must be an imperative for the organization’s security experts. Data security provisions and processes ought to be easily integrated into people’s workflows and never make their work more difficult.

Third Lesson – Build shortlivedness into the system

The shortlivedness, or ‘ephemerality’, of messages is something that has long been embraced by technology-trendsetting teenagers, as always in recognition of trends and possibilities before these take off among other members of society. Adopting this aspect into our communication protocols will provide significant security advantages. Essentially, communications that self-destruct mean that there is less information for hackers to pilfer. This in turn also reduces an organizations exposure to risk and liability.

In a world where people bring their own devices, communications and exchanges should not exist longer than absolutely required. The lesson that shortlivedness isn’t simply a marginal feature but an essential security requirement is now making the rounds since the Sony hack. Why? Because what doesn’t exist cannot be stolen.

Forth Lesson - Emails must be secured and backed up

One of the initial serious consequences of the Sony breach was that Sony staff were left without email access…for days! This meant employees had to resort to telephoning and faxing to communicate. In this day and age it should never happen that electronic communication becomes impossible only because emails go down. IT departments need to offer another way to communicate electronically.

Additionally, even an email message that is intercepted and stolen by a hacker does not necessarily mean its contents can be read or used by a third party. This is what encryption is for, and companies should secure all important email messages through modern encryption technologies.

Conclusion

We are confronting some challenging facts in this modern day and age. With the click of a button a company’s success or individual’s career can be ruined. Using electronic communication in the 21st century context means we are connected in ever more ways, and this creates both new risks and opportunities. The risks cannot be ignored, but they can be managed and neutralized, so that the organization, its employees and its knowledge are always safeguarded. Safe work practices must be made easy to follow so that employee behaviors adapt to security needs. The hackers have learned from the Sony incident how easily great havoc can be wrought…so companies need to learn the lessons as well. Without doing so, the inevitable next hack could well make your company the victim.

About SoftControl

Founded in Bangkok in 1993 by a team of German and Thai entrepreneurs, SoftControl has helped global companies in Thailand and worldwide focus on growing their business for more than two decades.

Over this period, we have delivered ITC services and solutions, including responsive websites in more than 20 countries, to more than 200+ local and international customers including small and medium size companies as well as enterprise level businesses across different industries. For many of our long list of satisfied customers we continue to be a preferred IT consultant and provide ongoing IT support and strategic advice.

SoftControl’s success and continuity as an IT partner of choice arises from always placing your business interests firmly at the centre of the innovative solutions and services we offer. Our know-how and expertise as an IT partner is aimed single-mindedly at giving customers the freedom to get on with business – a vision which we call IT Peace of Mind.

Read more about SoftControl’s secure email service.

Read more about SoftControl’s solutions for secure network and IT.

For ICT business solutions in Thailand call us +66 2 105-4068 or send email to This email address is being protected from spambots. You need JavaScript enabled to view it..