15 steps to reducing security risks in business mobility
The key steps you need to take in order to minimise the potential for security breaches and loss...
Security experts battle threats that come in all forms. The targeted attack and the accidental vulnerability. The external exploits as well as opportunism from internal staff. The unknown and, just as significantly, the expected.
Every organisation draws up its list of security priorities to focus on, and each year there’s a mixture of new risks to tackle and dogged old threats that refuse to go away. Here are the five areas your company should consider for the remainder of this year and the beginning of next.
1. Focus on the known
Earl Perkins, research vice president at Gartner, said 99 per cent of vulnerabilities exploited from now to 2020 will be those known by security experts for at least a year. Speaking at the research firm’s 2016 Security & Risk Management Summit, Perkins suggested that IT security teams should focus first and foremost on the threats they know exist – they are often easier and cheaper to fix.
2. Combat hijacked user credentials
What’s the weak spot of a company’s IT security wall? Its own users. Instead of wasting time attempting to breach sophisticated protection mechanisms, it’s far easier to target administrator accounts. Whether through negligence or simple lack of knowledge, some admins can unintentionally leave the door ajar for attackers. Network-wide visibility into high-risk activities performed by superusers will help you track potential danger spots through all levels of the operating environment.
3. Use the cloud for identity management
Cloud providers constantly upgrade their solutions for a variety of reasons. Always near the top of the priority list of iterations is security. With more advanced options of access management available from managed service providers (MSPs), cloud-based systems can be well suited to mid-sized businesses as well as larger firms with hybrid – public and private – models in place.
4. Secure virtual environments
Two-thirds of global organisations already use some form of virtualisation, and more companies are looking to bring the technology on board. However, as it’s still a relatively new area, that means opportunities to exploit weakness are plentiful. Many companies underinvest in virtual environment integrity – and although that is changing, it might be something for your IT team to consider.
5. Make your network mistake-proof
Oversight. Forgetfulness. Whatever you want to call it, human error is still the biggest cause of data breaches. And the best way to take this on is to foster a company-wide understanding of the risks of not regularly changing passwords, leaving log-in information lying around or taking ownership of their own device’s security. It shouldn’t just be the IT department’s job to ring-fence a company’s network; it should be every employee’s.
These pointers will shore up your existing office’s security policy. And if you’re thinking about going one step further and transitioning to smart working, here’s how to ensure your future office is secure.
To find out how you can stay competitive, check out our online eBook series outlining the challenges and opportunities facing 21st-century organisations.