International Cyber Expo International Cyber Expo
  • About Us
Tuesday, 14 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

3 Critical yet Unaddressed Information Security Challenges in a New Enterprise

by The Gurus
September 14, 2015
in This Week's Gurus
Share on FacebookShare on Twitter

3 Critical yet Unaddressed Information Security Challenges in a New Enterprise 
Defending a newly established enterprise from high-profile security breaches and potential loopholes is one of the major IT challenges that most of the businesses face today. Probably, the reason behind this is the massive amount of financial losses that incur due to increasing number of security breach incidents detected in the past 12 months, estimated to be about as much as 98% – a clear indication of the extreme threat environment today. As revealed by Gartner in its recent research about key challenges in Information security, 75% of enterprises’ information security budgets are likely to be allocated for rapid detection and response approaches by 2020, which is up from less than 10% in 2012.
Hence, securing a new enterprise from prying eyes involves awareness of critical security challenges and the ways to overcome the threats to ensure a safe IT future for your business. 
This blog discusses the top 3 extremely critical yet unaddressed information security challenges in a new enterprise-: 
#Challenge 1- Protection of Private Data From Unauthorised Access -: 
Data is the crux of every organisation – may it be an independent business unit, an IT department or a government regulation. Confidential information in an enterprise like employee details, day-to-day client transactions, financial records, private contracts and other intellectual property are some of the crucial things that must be protected from unauthorised access. Though access protection techniques requiring inputs in the form of user IDs and passwords play a major role in maintaining security of private data; they also give rise to new security breach incidents arising out of carelessness on the part of IT administrators. Hence, protecting confidential data and applications from prying eyes is one of the biggest challenges that most of the security sophisticated organisations face today.
Understanding who is accessing data at what time and figuring out the reason behind the data breach incidents so as to ensure security is not an easy task. Rather, it involves right implementation of flexible and efficient policies, procedures & security compliance standards that are intelligent enough to identify and eliminate critical security risks. In fact, more and more organisations are now flushing out traditional approaches that they used to adopt in order to protect data from hackers. Apart from varied strong authentication techniques, enterprises are now relying on cloud-based 2 Factor Authentication (2FA) technology and use cases to secure data across all departments via adding an extra step to the basic log-in process. Since 2FA security authentication technology inserts a second level of authentication, they allow secure VPN access, secure cloud access and secure network access and that’s the reason why some of the reputed organizations including Amazon, Twitter, Apple, Google and even Facebook perceive 2FA as the 360 degree solution to eliminating all their security concerns.
#Challenge 2- Adhering Strictly to Security Compliance Standards 
To ensure complete data security in a new enterprise, it is imperative to adhere strictly to security compliance standards pertaining to industry and federal regulations like PCI (Payment Card Industry) standard, HIPAA (Health Insurance Portability and Accountability Act) standard for Healthcare organisation, FISMA(Federal Information Security Management) compliance, GLBA/FFIEC (Gramm-Leach-Biley Act/Federal Financial Institutions Examination Council) compliance.
IT security experts are employed in every organisation to assist in ensuring data protection via log monitoring, managing firewalls and conducting training sessions for effective security awareness. In order to maintain data integrity, protect data against anticipated threats and ensure confidentiality of client information; implementing an ongoing security process and passing compliance audits is mandatory for an organisation. However, developing a foolproof information security strategy that defines control objectives and takes care of all the secure processes and policies is extremely crucial to prove that your organisation is efficient in avoiding potential security risks and in protecting confidential data from suspicious threats.
#Challenge 3 – Keeping Up with the Mobile World: Ensuring Secure Login with authentication via Mobile Phone 
With the increasing popularity of mobile phones and its applications, authentication has become even stronger and IT administrators have gone beyond the old-school approach of single factor authentication (i.e. usernames and passwords).
In the traditional authentication approach, if the combination of both username & password turns out to be an entry in their database, the system considers it as an authorized access; which is typically known as single factor authentication. Now, the downside of single factor authentication is when a hacker trying to break-in to your account somehow figures out the login credentials and due to just one-step authentication, he/she would be easily able to gain access to your confidential information. Also, since the usernames and passwords can be either stolen or hacked; single factor authentication can never ensure the high level of security that you may need.
Hence, ensuring Login Security in smartphones involves implementation of strong identification and authentication techniques like two-factor authentication by security concerned organizations so as to form a defensive strategy around applications and protect unauthorised access.
In this constantly changing IT environment, new enterprises often face difficulty in keeping up with the fast-paced mobile world that demands adoption of latest security concepts and implementation of strong authentication policies. Authentication via mobile phone involves addition of an extra step to prove identity. This makes your account more secure via SMS-based authentication – sending one-time passcodes to your account that need to be entered while you’re logging in to the account you hold.
As a newer way to ensure high-level security, some organisations like Google are even relying on what we known as the “Phone Factor”. As per this procedure, the application asks users to choose the authentication mode they prefer, which includes sending an automated phone call to the user’s mobile, delivering a text message to the number they own or verifying via a smartphone application. Apart from SMS-based authentication, some more sophisticated security features like asking for personal information including digital certificates, voice callbacks; biometric methods like fingerprints, voice print; drawing a particular pattern on the smartphone or entering the ATM Pin are also popular to prove identity.
Conclusion
In an endeavor to make authentication stronger, one must overcome all the above challenges in a new enterprise to ensure completely secure IT environment where both clients and users can breathe safely and flush out all the anticipated threats pertaining to protecting private data. Its high time security professionals stop ignoring the widespread number of data breach incidents that are populating the cyber world. Remember that if it can happen with someone else, it can happen with you!!
 
Rupesh Kumar is managing director of Lepide Software

Tags: Cyber Securitydata breachinfosecinfosecurityit securityLepide SoftwareSecurity Breach
ShareTweet
Previous Post

How did jihadists hack into top UK ministerial emails if no security breach took place?

Next Post

GCHQ Uncovers Jihadists' Hacking Efforts

Recent News

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

July 14, 2026
Lidl Confirms Data Breach After Third-Party IT Provider Hack

Lidl Confirms Data Breach After Third-Party IT Provider Hack

July 14, 2026
Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

July 14, 2026
AI Appreciation Day: Celebrating Progress, Embracing Responsibility

AI has crossed from assistant to operator, Check Point research warns

July 14, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol