Putting security safeguards through the acid test


22 Jan 2004

Irish business managers can now test how effective their security processes are with a new online assessment tool, designed for companies without a dedicated IT specialist.

Computer Associates’ web-based tool, called the Acid Test, is designed to gauge the vulnerability of an organisation to viruses and worms. Lack of knowledge or complacency are two major factors that put companies at risk from security threats, CA claimed.

The test, at www.ca.com.acidtest, is a free multiple-choice questionnaire that covers three sections: attitudes and understanding, protection and backup & recovery. The questions don’t require detailed technical knowledge on the part of the user, simply that they are aware of their company’s decision-making processes.

The test takes around five minutes to complete; then the system immediately delivers a risk reading to the user, having calculated a tailored summary of vulnerabilities, graded according to the level of threat, based on the responses to the quiz. A hotline number is also provided for participants who need more detailed analysis and advice on how to address the problem.

Matt Brennan, country manager for CA, said: “Safeguarding IT systems is usually the preserve of the IT team. However, for organisations that don’t have this resource, it can be a real headache and many do not know whether they have adequate protection. Taking that chance and simply hoping that systems are secure can have devastating effects. Through this simple interactive test we’re attempting to ask important questions in business terms, and allow staff to see the full extent of their security and vulnerability. Then, by quantifying this in terms they relate to, namely finance and risk, we can show them exactly where they stand and what they need to do to resolve any issues.”

By Gordon Smith