The New York Stock Exchange suspended trading for nearly four hours today after its computerized trading system inexplicably stopped functioning.
United Airlines was forced to ground all of its flights this morning after its computer system mysteriously stopped working.
The Wall Street Journal’s website homepage was not accessible this afternoon, displaying a 504 error, which means the server was acting too slow to process HTTP requests and make information visible to users.
Time Warner Cable’s website reported today: “Time Warner Cable is having issues since 8:28 AM EDT. Are you also affected?”
What’s going on?
Officials said that there’s no indication the abrupt NYSE shutdown was linked to “nefarious” actors and that there was no reason to believe that the NYSE glitch is at all linked to coincidental technical problems at United Airlines and the Wall Street Journal.
Whether you believe that or not, these system shutdowns do highlight an important issue for businesses: control system security, which is the prevention of intentional or unintentional interference with the proper operation of industrial automation and control systems.
Simply put: Without secure systems, your business could come to an abrupt halt. Movies and TV shows have illustrated the consequences of these kinds of failures on a wide scale multiple times, and they’re never pretty.
Granted, if your systems went down it wouldn’t necessarily have the worldwide impact that some of these outages have had, but a shutdown could still have very negative consequences for your organization.
How secure is your system?
That’s why, in light of these outages, it’s important to consider how secure your system is. If you have a home-grown or industry-specific software system, it’s more likely that your system is not as secure as it should be. Why? Because the groups that develop these types of software just don’t have the resources to insure that kind of security.
Larger software publishers like NetSuite SaaS software and Sage Software do have the resources to develop the highest levels of security, and their reputations depend upon it.
For example, NetSuite has met a host of audit and security standards including SSAE 16 (SOC 1), PCI-DSS and US-EU Safe Harbor framework. In addition, NetSuite has modeled its security and risk management processes according to National Institute of Standards and Technology (NIST) and ISO 27000 series of standards.
NetSuite employs numerous intrusion detection systems (IDS) to identify malicious traffic attempting to access its networks. The company reports that any unauthorized attempts to access the data center are blocked, and unauthorized connection attempts are logged and investigated.
NetSuite’s enterprise-grade anti-virus software guards against trojans, worms, viruses and other malware from affecting the software and applications.
Sage Software also has developed the highest levels of security for its solutions. For example, security was a strong focus in the design and development of Sage X3. The ERP solution was audited and certified by a third-party for safe operation in the Cloud.
With Sage X3, communications with the various client components can be secured with HTTPS, and communications between server-side components are authenticated with certificates.
Ask yourself: Does that sound like the kind of security your current system provides?
If you’re worried about the security of your systems after today’s events, we would be happy to talk with you about whether your systems meet current security requirements at absolutely no charge. We have 35 years of experience in data security, and our software consultants are happy to share the benefit of that with you.