The increasing risk to your business
In the past, the threats from cyber attacks centred on viruses that might inconvenience users and systems, alongside large-scale data breaches at the biggest global organisations. However, we are now seeing an increasing risk of cyber attacks on businesses. Attacks are now much more focused and intelligent than ever before, and the target is your data and money.
Despite the increasing risk, we are still seeing a large number of businesses being blasé about the risk posed to them and about what they can do to mitigate it.
Microsoft reports that on average it takes more than 200 days to detect a security breach and a further 80 days to contain it!
Allianz Insurance creates a business risk barometer every year. In the 2016 report we have seen cyber incidents increase by over 25%, making cyber security one of the top 3 risks to businesses like yours. The number of connected business devices is rising, but without a matching increase in the level of security we apply to these devices we are simply growing our attack surface.
“The current level of security of connected devices is still low. Cyber security risk will increase as each device is a potential entry point for data breaches and inter-connectivity can increase the damage significantly, creating high accumulation potential”
Finally, the types of cyber threat we face are ever growing, becoming more personalised and more sophisticated. Symantec's annual threat report found:
- A new zero day threat was discovered on average once a week in 2015
- Social Engineering is increasing as a form of attack, leaving your employees as the weakest link
- A 35% increase in ransomware attacks
Amongst other rising statistics, most shocking of all is the fact that over half a billion personal records have been reported to be lost over 2015. How many more haven't been reported?
How can I protect my business?
Luckily there are a huge number of useful resources available to help IT professionals head in the right direction when looking to protect their business and data.
- 10 Steps to Cyber Security - UK Gov
- Reducing the Cyber Risk in 10 Critical Areas - UK Gov
- Cyber Essentials and Cyber Essentials PLUS Certifications
- IAD's Top Risk Mitigation Strategies
ComputerWorld's Cyber Protection Top Tips
Beyond the usual data protection measures deployed by most businesses, such as:
- Perimeter firewalls and DMZs
- Email filtering
- A backup solution with a 3-2-1 policy for retention of data
- Enterprise-class anti-virus on all PCs and servers
you should consider our top tips below.
Desktop Life-cycle Management - Provision, Protect, Update
With the applications that we use and trust increasingly becoming the point of attack via zero-day exploits, it is important that we have solutions that allow us to patch and update our applications and operating systems regularly and with ease. We should also consider how we can limit the applications that are able to run on our enterprise PCs. Gone is the day when a blacklist is sufficient: government organisations are actively recommending that applications should be white-listed and that administrator privileges should only be issued where critical.
By automating your desktop builds, utilising solutions like Microsoft SCCM or VMware Mirage, we are able to introduce standardisation to simplify support and management in the future. You are similarly able to achieve these benefits by centralising the desktops and allowing single instance management with solutions like VDI via VMware Horizon View or session-based computing with Microsoft RDS. All of these solutions offer ways to be able to manage and distribute patches and updates. You should also consider integrating security suites that will allow patch management as part of a wider security solution, such as those by LANDESK and AppSense. It should be remembered that all devices should be further protected by drive encryption using products such as Microsoft BitLocker – as a minimum all mobile devices should be encrypted.
Identity Management and Authentication
With social engineering being an increasing risk to our businesses, it is more important than ever to ensure we have strong policies around corporate and personal passwords. We should ensure that passwords meet the minimum recommended complexity and that we have a realistic policy around how often they need to be refreshed. We should be considering multi-factor authentication to further protect our business systems. But with the growth in software-as-a-service (SaaS) technologies, employees are being asked to remember more passwords than ever before, and this in itself increases risk. As such, we should have a centralised identity management solution that allows us to control access to all corporate applications, whether on premises or in the cloud.
Recommended reading on passwords: https://cesgdigital.blog.gov.uk/2015/09/08/making-security-better-passwords/
A Modern Secure Network
To minimise the breadth of a cyber-attack we should ensure that we isolate all workloads. If a single system is breached, we should ensure that a hacker is then unable to roam freely across the rest of your systems. Technologies like VMware NSX allow us to micro-segment the network, meaning that each workload sits within its own security zone and is only able to access what is required for normal working, rather than having unfiltered access to the whole network. We are also able to virtualise the desktops to remove the data from the endpoint device, and further introduce NSX to micro-segment the desktop workloads as well.
Alongside our workloads we also need to consider how we architect our network. It is becoming increasingly difficult for us to purchase devices that will connect to our corporate network via a network cable to our corporate desktop, and as such wireless is becoming increasingly important. We need to ensure that we are providing secure and reliable enterprise-class wireless solutions to the business, designed specifically around our business and our users’ needs.
Beat Shadow IT
Mobile application stores are now commonplace and available on the mobile devices that your employees use on a regular basis. When your employees struggle to access their applications and their data, or to share their content with those who matter to them, they turn to the app store to find a solution to their problem rather than turning to IT. This is what is referred to as shadow IT. With shadow IT comes loss of control of the data that users consume, and as such IT will not be able to set security and data retention strategies. Technologies that we are seeing increasingly used within businesses without IT's support are Dropbox and Evernote, among others. A common misconception is that blocking these services at the firewall will stop their use. Realistically, if your employees wish to use these resources they will continue to do so. The only way to displace shadow IT is by beating it: that is, providing solutions that offer the functionality users need and enabling users by training them how to use those solutions. If you can make the easy way to do something the right way from a security standpoint, you are much less likely to suffer security breaches as a result of your users’ actions.
Solutions like Office 365 give a wide range of applications to enable your employees, from the widely understood email through to task management with Planner, interactive presentations with Sway and document sharing with OneDrive. However, Office 365 may not be the answer to all of your requirements. Mobile access to your data is one of the biggest requirements we see today, and whilst OneDrive is fantastic for personal drives and SharePoint is great for structured data, we don't have a solution within Office 365 to allow access to team and company drives when not connected to the corporate network. This is where solutions like AppSense DataNow will assist. DataNow allows you to leave your data where it is located today, but access it from any device, anywhere, at any time, whilst IT is still able to control policy.
Like it or not, your data is in the cloud
It only takes a quick look on the internet to find a wealth of internal-only presentations and documents that have been shared accidentally by employees on untrusted sources. In the era of the cloud we need to ensure our documents are protected at source. Solutions like Microsoft's Azure Rights Management allow documents created by your users to be encrypted at source. This means that they can only be opened by the intended audience, even if overtly uploaded to the internet or sent to the wrong recipient.
Enable and Educate Employees at All Levels
As we have discussed, it is the users and not the technology that is now seen to be the weakest link, from IT administrators who are installing and managing your systems, often without thought for the security implications, to the end users who simply don't understand the risk they could be placing your business under.
Organisations should ensure there is sufficient training available to help end users understand the modern-day cyber risks that they can help avoid. There is a wide variety of courses and methods available, but we recommend delivering a mix of short instructor-led sessions alongside e-learning to reinforce the message.
For the IT professionals in your organisation there is a wide range of options, from the CompTIA Security+ accreditation to ethical hacking courses and much more in between.