Lessons from Sony PSN breach

EventLogAnalyzer | May 11, 2011 | 2 min read

The breach at Sony Play Station Network (PSN) breach creates a lot of doubts in the IT Security manager’s mind. We can take our lessons from the breach. Because it is smarter to learn from others mistakes.


Don’t think your company is too small or big for an attack!

Don’t be in a state of optimistic illusion. Any company’s IT assets can be attacked, irrespective of its size. The recent attack shows that it is not even limited to certain industries like banking etc. Suppose, if you are in an entertainment or gaming industry, that in no way allows you to soft pedal security measures. For any industry, customer data is god. Don’t get scared but be prepared to face it.

Get back to basics!

Do not ignore the basics of security. All the aspects of security physical, personnel, data and IT resources need to be covered. Ensure controlled physical access. Train your employees and cultivate the security awareness. Deploy Firewall, Proxy and other necessary security devices in your environment to secure the enterprise/customer data and IT resources.

Adopt advanced techniques to stay ahead!  

Carry out periodical check for physical security. Ensure the personnel are adhering to the security policies. Monitor their network activity. Verify the effectiveness of the security devices periodically. Use appropriate monitoring tools to keep 24 hours continuous vigil on these devices for clues about attacks and other threats. Saving your customer data is of paramount importance, as your in-business and out-of-business hinges on that.

Ensure that the statutory regulations are complied with. This will also ensure minimal security mandated.

Plan your security measures in advance and get it implemented. Formulate IT security policies for your enterprise and ensure that the policies are complied in letter and spirit.

Put your lessons into practice and get IT secured.

ManageEngine offers a host tools for security management. EventLog Analyzer and Firewall Analyzer are good for internal and external security monitoring. For other tools visit ManageEngine website.