Five fundamental principles for securing your devices: by focusing on the fundamentals, you can make sure your organization gets off to a good start today and in the future.
Recently, I came across a report indicating that 375 new cybersecurity threats emerge in a minute, which turned heads. And now, with work done more often outside the office walls, the risks associated with securing your organization’s most important asset – its data – are even greater.
Organizations now face threats from multiple sources and the nature of these threats continues to evolve rapidly.
External threats: India faced nearly seven lakh cyber-attacks in August 2020, according to a report by the Ministry of Electronics and Computer Science. India was ranked third and one of the biggest victims of cyber-attacks in recent years. Cyber criminals often exploit fear and uncertainty when major global events occur by launching cyberattacks. The Covid-19 pandemic was no exception.
User Behavior: End-users work and collaborate in more places, with more devices and share more information, sometimes indiscriminately. Supporting mobility, connectivity and flexibility is essential for your organization – and even more so when prioritizing their health and safety – but not at the expense of safety.
Limited security resources: There are not enough security professionals to fill knowledge-based roles and meet the needs of most organizations. For many small organizations, staffing a security person or team is not realistic within their limited budget, so it often becomes a part-time responsibility and concentration.
New and ever-changing threats: Attackers continue to search for new entry methods, one of which is below the PC’s operating system. Low-level attacks often take advantage of weak system configurations and firmware vulnerabilities.
Given these threats and the fact that an organization’s security perimeters extend beyond the four traditional walls to penetrate their employees’ homes, here are five fundamental elements that you need to implement from a cybersecurity perspective:
—Protection above and below the operating system (OS). In addition to modern solutions to prevent unknown threats and respond quickly and effectively to attacks on endpoints, network and cloud, you also need to choose devices with protection and detection capabilities under the operating system at the PC BIOS level, where we’re seeing a significant increase in attacks.
—The physical security of a device is as important as its data. The physical protection of a device is just as important as cybersecurity deployed on and within the device. If you use public spaces to work, remember to use a privacy shield to protect your data from prying eyes.
—Adopt a more password strategy. Improve passwords with biometrics, implement multifactor authentication, and use digital certificates for enhanced protection. Barriers of cost and complexity are collapsing, making it easier to adopt biometrics, such as fingerprints and facial recognition.
—Make sure employees are regularly trained in smart security practices. This is especially important for many people working from home. Implement a safety training program and include regular tests such as sending phishing test emails to keep employees’ skills sharp.
– Allow usability and protection to coexist. Even if you have the best security tools, difficult to use or hinder productivity, they will be ignored or defeated by your employees, putting your organization at risk. Effective security solutions must be easy to deploy, maintain and use.
By focusing on fundamentals, such as the five above, you can make sure your organization is off to a good start today and tomorrow.