Happy Thursday, y'all!
Tomorrow, the world "ends" (I wouldn't go buying a Lambo just yet), and I thought I'd take a little time to talk about what we at Chiros do. Now, as you have probably guess from the twice-weekly computer security articles I cite and write, we at Chiros are about security: ours, yours, and the nation's. That doesn't mean we're a personal security company; we don't hire out bodyguards or patrol the premises of our clients. Instead, we help you protect your most powerful asset: your information. Your information security is by far the most important thing you possess, a philosophy that I've repeated in the past. In this world, we no longer attack our enemies through physical assaults. We attack them through computer assaults. In a world where money is made on digital information, where fortunes are built or destroyed on sequences of zeroes and ones, a missile does less damage than a well-placed virus. Or a badly placed investment (see "2008").
One of the major ways we handle information security at Chiros is through penetration testing. Wikipedia writes, "A penetration test, occasionally pentest, is a method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders (who do not have an authorized means of accessing the organization's systems) and malicious insiders (who have some level of authorized access)." Essentially, penetration testing is testing the limits of your computer security system by attacking it. It's like simulating an attack on the street in a self-defense class; by strengthening your weaknesses during the exercise, you strengthen your defenses for an eventual attack. The philosophy comes from the idea that the only way to prepare for an assault is to be assaulted. That's what we do at Chiros. We "attack" your business's information system in order to find out where your holes are. Once those holes are found, you have the means and the information to make your systems security able to withstand any future hacking jobs.
Of course, this is under the assumption that hacking occurs. And if you have any question as to whether or not that is a possibility, take a look at this blog. Research it briefly on Google. No matter where you go, you find companies under a constant barrage of cyber thieves, breaking in and causing chaos. My two most recent posts are about state governments finding themselves utterly vulnerable to hacking. It's an unfortunate truth, but like I pointed out last week, you save much more money preparing for an attack than by undergoing one unprepared.
Penetration testing is the way by which you become honest with yourself about your business's ability to survive in a world where fifteen-year old kids have the power to destroy your life's work in an afternoon. And trust us, you need to be honest about where your security is. It may be humbling at first, but the returns on your investment are enormous. Consider strengthening your security systems through a penetration test. No one has ever regretted being prepared.