Countermeasures summary
Well, you have covered a lot in this course!
You’ve seen the risks associated with different electronic data exchange services. From mobile to PSTN and finally those concerning email.
In summary, when looking to protect these types of systems, you should think about using one or more of the following technologies:
- Creating a VPN between the organisation and its partners.
- Using TLS to protect communications access to websites.
- Using secure mail if email is used to exchange sensitive information with another organisation.
- If secure email can’t be used, consider encrypting attachments.
Selecting the appropriate solutions to fit the organisation’s needs, budget, and appetite for risk is an important job for the security manager. When exchanging data, both parties should use a similar level of protection and agree on the same standards.
And before finishing, remember the CIA triad: Confidentiality, Integrity, and Availability.
Although this course has concentrated here on technologies to protect confidentiality and integrity, don't forget about availability. As well as ensuring the organisation has suitable business continuity and disaster recovery plans, external companies should be suitably covered to avoid introducing further risk.
What's next?
Well done, you've completed this course on External Services. The next course will cover Virtualisation and Cloud Computing.
In this next course you will be taking a closer look at network security issues. These include old technologies like PSTN as well as more recent ones like VoIP, as well as staples like email and mobile.
A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.