IT security vital for M&As
When two companies come together, the integration of IT security is vital to success, yet network security implications are often overlooked during mergers and acquisitions (M&As), according to NTA Monitor, a leading provider of IT security consultancy services.
With the value of European technology M&As having more than doubled in the last year with deals totalling some £18.4bn, the IT industry in particular needs to follow strict security procedures in order to minimise risks.
NTA Monitor's Technical Director, Roy Hills, says: "Technical companies are among the most vulnerable, not least because they are such a tempting target. Only last year, NTA's VPN Security Report revealed that the IT industry was the most vulnerable sector to VPN attacks.'
'It is essential that all companies, particularly those in the process of a merger or acquisition, carry out security reviews to avoid external users gaining unauthorised system access, disrupting service availability or viewing and using confidential data. We have identified some of the general issues companies should consider, but of course each company should undergo a bespoke assessment."
New risks occur when one network joins another and there should be a clear policy about who is responsible for handling security, which should include updating anti-virus software and testing networks and web applications. It is essential to test critical business applications offering authenticated access, as companies are particularly vulnerable when this is insecure.
Anti-virus programs should be in place, up to date, regularly reviewed and upgraded and a company's disaster recovery plan should be tested and adapted accordingly.
Roy Hills concludes: "It is essential that IT security is at the top of the agenda during any M&A process as a lack of vigilance at this key time could be extremely damaging."
This article was first released on: 25th September 2007