The post-pandemic trend of ‘work from anywhere’ may offer many benefits both to employer and employees alike, but for security teams across the board, it adds a myriad of issues and concerns regarding exactly how data can be kept safe.
The ability to be connected on any device with access to every application, anywhere at all, is a reality today. But this reality hugely increases the attack surface within any organisation. Together with the ever-growing instances of phishing and ransomware attacks, the need for robust and co-ordinated security strategies grows ever more important.
Many organisations find themselves with piecemeal security solutions, continually bolting on the next ‘sounds great’ solution without any holistic thought. This results in security gaps, fragmented visibility, and a complex system, practically impossible to manage.
There is no doubt that we humans are the biggest threat of all. We make mistakes.
So, what can be done? Here is a checklist of the 10 ‘must-have’ protections for users, devices, and access.
- Email Security: Email is like sending a postcard. If you don’t mind the postman reading what is written on your card then it is fine, but would you put your bank details and PIN on a Postcard, obviously not. So, consider email in the same way. Always use an email security application to encrypt them, detect suspicious emails and block them, stop accidental emails going to the wrong person, or to check that attachments are not confidential.
- Ongoing Cyber Security training: We all tend to forget things quickly and, in the heat of the moment, may not recall how to spot a suspicious link. Training should be on-going and one useful element is to use an application that generates spoof emails to maintain awareness, has the ability to monitor progress and, provides The Board with a measurement of the improvement of staff cyber awareness.
- Endpoint Security: It is difficult to know what a remote user is doing, but by having an application on the endpoint which monitors the status of the device, checks that it is fully patched and that there are no rouge services running, can help to stop endpoints being compromised. Furthermore, adding services such as automatic back-ups, remote diagnostics and support, will enhance the remote user’s situation and reduce the support overhead of remote workers on IT Support Teams.
- Access control: We all know the problems surrounding the issue of passwords and their management. Making access to networks easy but secure, is a goal all remote working solutions should strive for. Multi-Factor Authentication removes the password issue in a simple fashion and can be extended to encompass signal sign-on, across other platforms and cloud services.
- Encryption: this is the only technology outlined within the GDPR rules and can significantly reduce the exposure of a data breach to a company. Encryption does not slow down a device, nor does it mean that data cannot be shared. It is simply there to protect the valuable asset of the data, whether it be in transit, at rest on a device or server, or in a cloud-based system, either managed by a third party or within your own cloud solution.
- Backup & Disaster Recovery: Data has value and blocked access to it poses a real threat to business. Ensuring data is protected against ransomware, secured by encryption and access controls, held in multiple locations in different formats, all lead to data being available on demand, to any user or device, in as timely fashion as can be managed during any recovery process.
- Threat intelligence: To be forewarned is to be forearmed. Therefore, understanding where threats may be, gives the business time to prepare and deploy measures to minimise risk.
- Third Party Risk Assessments: The supply chain is critical to a business but should that chain have a weak link, it could open a door into the network and allow a hacker in. Consequently, it is important to ensure suppliers’ networks are also robust by adding some form of risk assessment on key suppliers to ensure businesses can operate together in a trusted environment.
- Network Security: Data travels over networks, often in the public cloud, so should be protected by using a Virtual Private Network (VPN) to ensure that no third party can eavesdrop on communications or, insert data such as an altered invoice into the stream.
- Application Security: Applications are easy to deploy but often we do not check that they are functioning correctly or may have higher administration rights than needed, leading to application exploits or open doors into networks. Any new application should be checked for its handling of security and follow the GDPR standard of a Data Protection Impact Assessment (DPIA) to verify the application. As a last resort a full code review should be undertaken which will highlight any code trap doors hidden within it by the developer.
If you need any advice or would like to discuss any of the security checklist components please give us a call on 0844 586 0040 or email [email protected]
Every organisation can benefit from added protection, we’ll be happy to advise you.