- April 25, 2023
- Catagory Security
How Good Habits Secure Remote Work
Good habits have always been a key enabler of security in the organization, and they’re an essential part of your strategy to secure remote work.
With the hybrid workplace here to stay, your employees are not just working at home – they’re more mobile than ever, which means they’re connecting to your network infrastructure from many different locations. If you’re going to let staff work in an environment over which you have little to no control, you need to instill some good habits that enable secure remote work.
This is especially true if you’re going to permit your employees to work in public spaces, such as a park or a coffee shop. The argument could made that if you’re going to secure remote work effectively, you should put limits on what employees use as their workplace.
The most compelling reason is that they will use public, unsecured Wi-Fi, making them more likely to expose critical business information and even get hacked. Employees working in public spaces should only access corporate resources online through a virtual private network (VPN), even if they are working from home. Alternatively, they can use their smartphone as a hotspot rather than use public Wi-Fi.
The laptop employees use to work remotely must also be kept up to date so it’s able to handle the latest threats. You can’t secure remote work without anti-virus / malware protection software – any computer connecting to your network must have it, and it needs to be updated with the latest patches and virus definitions to protect against threat actors looking to exploit operating system and application vulnerabilities.
Just as you need to update your anti-virus software regularly, you need to update devices frequently – they should be rebooted often the latest software patches, firmware, and security fixes applied as soon as they are available. If the employee is working from home, you should make sure they’re updating their router regularly as well and any other devices on their home network.
Keeping hardware and software up to date is a habit that’s essential if you’re to secure remote work. Similarly, you must instill best practices when it comes to passwords management. Employees should understand the necessity of creating strong passwords that are unique to each login and account they use. Where possible, look at implementing multi-factor authentication (MFA). Adopting a Zero Trust approach can also help to secure remote work because it means employees are only accessing applications and data they need to.
Technology can only do so much to secure remote work – employee habits that foster good security hygiene are essential if you’re to support a hybrid workplace and mobile workers.
- April 11, 2023
- Catagory Compliance
Why Multi-Factor Authentication Is Table Stakes for Effective Security
The move to remote work and hybrid workplaces has demonstrated that multi-factor authentication is now a must-have for effective security and employee data protection.
Gone are the days of just making sure staff have complex and unique passwords for everything they access. In addition to a username and password to log into an application, it’s a critical that you have a second layer of authentication – two-factor authentication or multi-factor authentication (MFA). This means that in addition to a password entered in the primary device, there’s an additional step to log in – multi-factor authentication either requires that another code be sent to a secondary device such as smartphone or a biometric step in the form of a fingerprint or voice identification system.
Your employees have already experienced multi-factor authentication in their daily lives. Major banks now use biometrics for mobile banking, and they will also need to authenticate through that device when logging onto their bank’s web site from a desktop computer.
And while you might think that multi-factor authentication is an advanced feature that’s only necessary for major financial organizations, there are plenty of reasons why you should add another layer of authentication for all employees accessing critical applications and customer data.
- Weak and stolen passwords: As much as employees are encouraged to use unique and complex passwords for each and every digital system they access, it means they must remember each and every one or rely on a password manager to keep track of them. These password managers can also be circumvented by threat actors .Password theft has become cleverer through methods such as keylogging, phishing, and pharming, which is when malicious code is injected onto a device that redirects employees to a phony website where they enter sensitive information, including authentication information.
- Remote access: For many organizations, the hybrid workplace is here to stay. Multi-factor authentication is essential if you’re to provide fully secure remote access without impairing employee productivity. It can even make logging in easier as single sign-on software combined with multi-factor authentication can help to avoid “login fatigue,” since it requires an initial login to access multiple applications.
- Compliance: Depending on your industry, your organization may be required to implement multi-factor authentication to bolster protection of sensitive financial or health data, as well as other personally identifiable information (PII) in accordance with regional, national, or international privacy legislation or regulatory frameworks.
Implementing multi-factor authentication ensures that you can get the most of your cybersecurity investments. Other technologies such as advanced firewalls and anti-virus software can only do so much to protect critical applications and sensitive data – without robust authentication and digital identity management, threat actors still have plenty of avenues to exploit to gain access to your systems.
Multi-factor authentication not only controls employee access, but it also acts as an alert mechanism when an unauthorized access attempt is made – if an employee gets a request for secondary authentication that they didn’t request, they can report it to the IT department, so they know that there’s active threat.
If you’ve not considered implementing multi-factor authentication, remote and hybrid working should be the tipping point, since your employees are likely using less secure internet connections to access your network and may even be using a personal device. Multi-factor authentication reduces the risk that comes with securing remote workers’ WiFi connections and personal devices.
No matter your industry or the size of your business, multi-factor authentication should now be considered table stakes when it comes to effectively securing your organization.
- March 28, 2023
- Catagory Human Resources
Employee Burnout Threatens Cybersecurity Resilience
Attracting IT talent, especially cybersecurity experts, remains a challenge even amid layoffs, but so is keeping them. The last thing you want to do is contribute to employee burnout.
It’s just as big a threat as the growing number of cybersecurity threats as your IT teams struggle to do more with less after a tumultuous three years due to the waning pandemic. Employees of all stripes are experiencing burnout, which as defined by the World Health Organization (WHO) is the result of chronic workplace stress that has not been successfully managed.
The solution can be found in the WHO definition; employee burnout can be managed, even when it affects your cybersecurity staff.
Detect the signs of employee burnout
In the same way you want your cybersecurity to be proactive and detect anomalies before they become a major incident, employee burnout can not only be managed, but also prevented so that IT teams can remain engaged and avoid exhaustion.
For cybersecurity professionals in particular, workplace stress stems from the nature of the work – their environments are always active because the organization is constantly under threat. It means handling alerts throughout out the day to prevent and mitigate threats while also ensuring that long-term strategic security initiatives are met. Just making sure the security operation center is adequately staffed off hours causes stress and contributes to employee burnout. You need to make sure you have people available on-call while also giving everyone enough time to wind down if you’re to prevent burnout.
At the end of the day, employee burnout within your cybersecurity team can pose just as big a risk to your security posture as threat actors trying to compromise your IT infrastructure.
Cybersecurity resilience depends on people
Just like potential security risks, employee burnout has warning signs. Chief among them is the phenomenon of quiet quitting – that’s when staff experience depersonalization and increased cynicism. They will also feel emotionally depleted and feel as though they’re being less effective.
Employee burnout can affect the entire cybersecurity team, regardless of their role, and lead to actual quitting. A single, small incident can be the tipping point after prolonged periods of stress on the job – cybersecurity staff are constantly in “fight or flight” mode, and it’s ultimately unsustainable.
Just as you mitigate cybersecurity vulnerabilities, you want to prevent employee burnout – prevention is worth a pound of cure. You need to build up psychological resilience among your team by ensuring your team is confident they can handle what comes there way and being able to adapt to changing situations.
And no matter their job role, your employees need to have a clear sense of purpose as well as adequate social support – trust and relationships are especially important for cybersecurity team if they are to avoid burnout. It also started from the top – if you’re leading your IT staff or a security team, you need to take care of yourself – if you’re depleted, everyone else will feed off of that. Building up your own psychological resilience and instilling the ability in others will boost morale – preventing employee burnout is both about personal responsibility and team effort.
Technology does play a role, too. If your cybersecurity team doesn’t feel they have the right tools for the job, it will contribute to their disengagement. And if they feel they’re understaffed and doing more than their fair share, they’re going to look for greener pastures rather than work harder to compensate for the staffing shortage.
Exploiting automation as much as possible will allow your employees to focus on more rewarding activities and will reduce their stress – they will feel as though they are spending time on projects that that truly matter. Turning to a managed service provider who can take on some responsibilities and complement your cybersecurity team can also alleviate the pressure and further reduce the likelihood of employee burnout.
- March 14, 2023
5 Key Security Trends No Business Can Ignore
As we approach the second quarter of 2023, there’s no shortage of cybersecurity trends that must be kept on the radar. If you’re responsible for security at your organization, it can be hard to wrap your arms around all of them, but here are five key threats that continue pose significant threats to all businesses, large or small.
The recent ransomware attack on the Indigo, one of Canada’s largest retailers, is a reminder that ransomware remains one the most significant threats to the digital infrastructure of every business. Attacks often come from remote devices as working from home has become normalized – policies and processes to secure endpoint devices haven’t kept up. In the meantime, state-sponsored ransomware attacks on critical infrastructure continue to rise.
Make sure you’ve bolstered your endpoint defence and replicated your data so that you’re not put in a position where your business can can’t serve customers because of a ransomware attack.
More attack surfaces
If you’ve got a remote workforce, you’ve got a wider attack surface. Couple that with internet of things (IoT) deployments, APIs and cloud computing instances, and threat actors have a larger selection of vulnerabilities they can exploit with ransomware, malware and distributed denial-of-service (DDoS) attacks. Multi-vector attacks on are also on the rise – as you’re fighting off one active threat, bad actors will simultaneously try to exploit another vulnerability.
Bots are getting more sophisticated, which means they’re better at evading your security measures to spread malware and target your IT infrastructure with DDoS attacks. You need the tools and expertise in place to detect, prevent and mitigate malicious behavior.
Inside jobs are on the rise
Some security threats often come from within, even if they’re not always intentional. Whether it’s poor security hygiene or a disgruntled employee, threats from the inside have continued to rise in recent years. Hybrid work has exacerbated the problem, making authentication and authorization errors and human error more likely to compromise your IT infrastructure. Combine the use of insecure personal devices and poor access control and you have a recipe for a data breach that’s an inside job.
Zero Trust is becoming table stakes
These threats and trends mean that taking a Zero Trust approach to security is becoming non-negotiable. With so many endpoints and remote workers connecting to your network and cloud-based applications, you need granular control – employees should only have access to applications, networks and compute resources necessary to do their jobs.
You can begin implementing a Zero Trust approach to security by segmenting your network, continuously monitoring of all user behavior, and enabling multi-factor authentication (MFA). All of these will help to better thwart threats such as ransomware and reduce your attack surfaces.
Tackling a Zero Trust implementation alone can appear overwhelming, so consider turning to an experienced managed service provider who can help you evaluate your current security posture and how ready you are to face these key security trends in 2023 and beyond.
- February 28, 2023
- Catagory IT skills
How to compete for security talent
Attracting security talent has always been a challenge, no matter the size of your business. But as threat activity increases in a parallel with a labour shortage, it’s even harder for small and medium-sized businesses (SMBs) to attract and keep IT security talent.
It’s not something you can neglect, however, as security doesn’t become less important the smaller your organization. When every business relies on data and connectivity to serve customers and grow market share, SMBs are just as vulnerable to security threats as large enterprises.
The trick for SMBs is having a well-defined role for a small contingent of talent who can tap into outside expertise to bolster overall security posture.
Lots of threats, not enough people
There’s a shortage of security talent worldwide, even as the workforce has hit record numbers. According to the 2022 (ISC)2 Cybersecurity Workforce Study released in fall 2022, there was a global shortage of 3.4 million workers in the IT security field. The report also found that there were more than 700,000 unfilled cybersecurity jobs in the U.S. alone.
The security talent shortage comes at a time when cybersecurity attacks are on the rise, with the average number rising 31 percent to 270 per year between 2020 and 2021, compounded by the pivot to remote work. If you’re one of the companies that’s seeing an increase in cybersecurity attacks – and you likely are – you’re going to have to increase your budget for security talent. The (ISC)2 study found that just over a quarter of those who are in the field are in it because of the high salaries.
Money is not the only solution to the security talent woes, however.
Paychecks must come with perks
A competitive salary is table stakes in an inflationary economy, regardless of the role, and especially if you want to hire skilled IT workers. But if you want to attract security talent and keep it, there are several key things to consider when looking to fill cybersecurity positions beyond the paycheck.
- Have the right tools: If your cybersecurity technology investments are lacking, your security talent is going to get frustrated if their hard work is hindered by inadequate tools. This includes automation – if you’re still doing things manually that can be done by software or emerging artificial intelligence (AI) capabilities, your security talent is going to feel bogged down and ineffective despite their best efforts.
- Offer variety and interesting work: Similarly, your security talent wants engaging work that’s more than just sitting in front of a consoling assessing and triaging alerts. If you’re automating as much as possible, cybersecurity work becomes more strategic, allowing for people to implement more proactive measures such as a Zero Trust approach to security and helping all employees become part of the solution by through education and policy. You want your security talent to get satisfaction from playing a role in enabling the business.
- Cover training and certification: The best workers in any field don’t want to be stagnant. Combine that with how quickly security threats evolve, it’s in your best interest to provide your security talent with opportunities for continuing education and certification. This is especially true for younger workers, who will always be eyeing opportunities for advancement – other employers know this and are adjusting their hiring practices accordingly.
- Don’t limit your talent pool: If you’re ready to invest in training and education, you should also consider recruiting talent from a broader group of candidates within information technology, even if they don’t have a cybersecurity focus. Foiling threat actors, assessing risks and mitigating vulnerabilities requires a diverse set of people, including analytical, organized, and creative types.
Even if money is no object, it’s important for SMBs to be selective of where they deploy security talent in-house. As with IT in general, it often makes sense to tap into the expertise of a managed service provider with a security focus who can help your small, nimble security team execute on a daily basis while providing assessment and strategic advice where need.
- February 14, 2023
- Catagory IT management
There’s No Security Without Visibility
If you don’t have visibility into your IT infrastructure, you can’t have confidence in your overall security.
This is especially true for those in the manufacturing and energy sectors that have a great deal of operational technology (OT) and industrial control systems (ICS), as their security can impact the broader organization through its integration with more conventional IT systems.
An annual report released by Dragos outlined the visibility challenges faced by ICS/OT networks when it comes to identifying vulnerabilities ICS/OT devices as ransomware attacks on firms with ICS/OT infrastructure increase. These attacks demonstrate how industrial firms have their own set variables when it comes to security and establishing visibility across all systems, especially as the industrial internet of things (IoT) becomes more ubiquitous.
But even outside industrial systems, visibility is critical for robust security, especially as remote work continues and many businesses settle into a hybrid approach. Whether it’s an ICS/OT device in an industrial setting, a IoT sensor for agricultural applications or a laptop for a road warrior leading your sales initiatives, you must be able to see these devices on your network and understand their vulnerabilities.
No matter why your digital footprint is expanding, security visibility becomes increasingly difficult when you must keep track of home office, on-premises and cloud-based endpoints. Your attack surfaces are proliferating, and you must be able to see all of them – you can’t get the visibility you need to identify the gaps in your security programs and controls without the right tools and best practices.
And there’s many elements you must be able to see and control:
- Endpoints of all sorts are your weakest links as they exchange data over a variety of network connections
- Because it’s so easy for business users to spin up whatever cloud-based services they think will help meet their objectives, you run the risk of shadow IT that’s connecting to your infrastructure without proper governance
- Even before remote work became the norm, remote offices meant a more distributed workforce, which is more difficult to monitor than ever thanks to home offices and mobile devices
- Cloud services can allow you to delegate security to the provider of a service, but it’s still a shared responsibility
These are just some of the key elements of your IT infrastructure that require visibility if they are to be fully secured, and it’s helpful if you break down visibility into three broad categories if you’re to attain it organization-wide.
Operational visibility includes operational compliance and operational processes, as well as user visibility so you understand who has access to data and why, including applications. People come and go and responsibilities change, so you must have best practices for onboarding and off-boarding employees as well as device lifecycle management. A zero-trust approach to security can help to improve user visibility.
Technical visibility has become more difficult with more distributed workforces and IT environments – you must understand all the threats and vulnerabilities that might affect your systems, connections and devices, whether it’s a laptop, server, smartphone or narrow-purpose IoT device.
Your organizational visibility determines your awareness to any threats to your brand, reputation, and intellectual property. This level of visibility requires not only security tools but also best practices and processes.
At the end of the day, however, visibility is all about knowing where your data is so you can protect it – it’s the lifeblood of your business. A managed service provider can help you make the right links between visibility and security so you can build a true picture of your IT infrastructure across every system and endpoint.
- January 31, 2023
- Catagory remote work
Your IT People Are Worried About Remote Work Security
If you haven’t fully adjusted to the era of remote work, your IT team leader has something to say about security.
According to a new Cisco Systems survey, the increasing number of employees working remotely today – even as some employees head back to the office – is stressing out both business leaders and those responsible for security, and a big culprit is unregistered devices.
The Cisco survey found that 84% of 6,700 respondents, including 81% of the 300 Canadian respondents, found that working remotely has increased cybersecurity risks to their organization, and nearly a percentage of respondents cites unregistered devices used by employees in support of remote to be the likely cause of security incidents. Unregistered devices might include laptops, tablets, and smart phones, the survey said.
In general, Cisco found that in the early days of the pandemic when the sudden shift to remote work occurred, security became an afterthought, as noted by a Cisco exec interviewed by IT World Canada. The reason security tends to take a back seat when employees work from home is that they want a similar experience to working in the office, but they don’t want security controls that make it harder to do their jobs. In addition, remote work isn’t just about working from home – employees now want the option of working anywhere.
Meanwhile, the International Association of IT Asset Managers (IAITAM) has similar concerns about the impact of remote work on organizational security, echoing the Cisco survey’s observation that security wasn’t top of mind when the initial rush to remote work occurred in March 2020. Not only are personal devices being used by remote workers to access the corporate network contributing to security issues, but there’s also “low-tech breach” danger if organizations don’t have proper IT asset disposal procedures, IAITAM warns.
Not having a proper asset disposal program for computer hardware is just as important for remote work security as having a strategy for warding against employee errors, rogue employees, errant third party vendors, and outside hackers, advises IAITAM. Any asset disposal program should include certified data drive sanitation or destruction, and robust tracking of the disposal process so that data thieves aren’t gaining access to mission critical business information.
Monitoring the lifecycle of computer hardware used for remote work can be especially complex if they include personal devices, but asset management is critical to any organization’s security strategy. If you don’t a program in place, consider consulting your managed service provider for support.
- January 17, 2023
- Catagory remote work
Remember the basics of remote work security
At the risk of sounding like a broken record, remote work isn’t going away, so you need always be mindful of some core security measures that protects what looks to be a perpetual hybrid workplace.
These measures are both technical and cultural in nature – your people are just as critical as the security technology you deploy to accommodate remote work.
The most obvious step you can take on the technology front is to regularly update and monitor your network security. This includes applying the latest security patches and upgrades to all devices, including updates to operating systems as well as keeping your antivirus and antimalware programs current. Don’t forget hardware updates such as those for your routers and switches, either.
A strong technology foundation is critical to remote work security and should also include secure VPN access for any employee working outside the office, as well as multi-factor authentication (MFA), both of which lay the groundwork for creating a Zero Trust environment. Also essential are tools for monitoring your environment so you have a complete understanding of what’s connected to your infrastructure, whether it’s devices that support remote work or other devices and services, including internet of things (IoT) devices. You should be able to interrogate the network so you can know for certain how every connected device behaves at the packet level.
In the era of remote work, MFA is a must have, and illustrates how critical the intersection of technology and people is to security. Employing MFA recognizes that even the best passwords can be broken and that the users who select and use them make mistakes. This is where employee education comes into play so all users, remote or otherwise, understand good password etiquette and the benefits of adding another layer of security with MFA.
User education is also the best defence against phishing emails, which remain the most common threat to your sensitive data. The upheaval of the pandemic has made for good cover for threat actors who send convincing emails that open the door to malware and ransomware.
The culture of your organization has always been critical for maintaining robust security, and the sudden switch to remote work was a stark reminder of that. Even as many employees return to the office, it’s a great time to remind your entire team that remote work requires the same level of attention to best practices around storing and security mission critical data.
The return to the office should also be seen as an opportunity to take another look at your entire security strategy – consider tapping into the expertise of a managed service provider to help you re-evaluate and refresh your technology and best practices.
- December 28, 2022
- Catagory SMBs
Technology trends for SMBs to watch in 2023
The cloud has leveled the playing field for small and medium-sized businesses (SMBs), enabling them to scale up and compete with bigger players, but keeping on top of technology trends can be daunting and overwhelming.
Here’s what you should keep an eye in 2023.
We’ve already dove into what’s in store for cybersecurity in 2023, but we can’t overstate the importance of understanding the threats that are out there and growing, as well as the technologies at risk and those that can help you improve your security posture.
Remote work management
Tightly tied to security is your ability to manage remote workers. The hybrid workplace is likely here to stay, so you need to have solutions in place to support employees wherever they are, including best practices for onboarding them and closing off their access should they leave the organization.
No matter where your employees work, the ability to efficiently collaborate gives SMBs a competitive edge no matter your industry, and it helps to attract and retain talent. You must have a platform in place for management of files, chat, video meeting and communications to avoid employees getting siloed so they can be efficient, collaborate and engaged. Securely, of course.
SMBs who want to be nimble and keep pace with larger competitors must look at where they can automate – IT teams need to be able to focus on strategic initiatives such as digital transformation, not every minor aspect of onboarding and managing remote workers including identity management. Having strong polices in place supported by automation will relieve pressure on IT staff and contribute to a better security posture
Businesses of all sizes including SMBs will be under increased pressure to make sure they’re lowering their carbon footprint with more sustainable technology, whether it’s on-premises IT infrastructure or what they’re purchasing through suppliers, including their managed service provider, right down to the chips powering the servers. Reducing your carbon footprint is an opportunity to streamline the technology you’re running and the data you’re storing, so you’re not spending money using energy unnecessarily.
What won’t change in 2023 is that keeping up with technology trends can be daunting for SMBs, which is why you should consider working with a managed service provider to best understand how to adopt and adapt to optimize your operations and improve your bottom line.
- December 15, 2022
- Catagory cybersecurity
How Cybersecurity is Shaping Up for 2023
Remote work during the pandemic and the current dynamic of hybrid workplaces has had a strong impact on how you must manage cybersecurity. Remote work isn’t going away, while other longstanding trends as well as new realities will affect cybersecurity in 2023.
Ransomware remains a major threat
Expect ransomware attacks to continue to be a factor in your cybersecurity planning, as threat actors move from encrypting files to targeting third-party cloud providers while continuing to use aggressive, high-pressure tactics to extort victims, including data-encrypting malware and more novel infiltration approaches.
Global geopolitics will affect your business
The ongoing conflict in Europe will mean some of those ransomware threats will come from Russia. Overall, 2023 is going to begin with a great deal of uncertainly and tension, with more state-sponsored threat actors looking to destabilize global economies and specific industry sectors such as logistics and shipping, energy, semiconductors, and financial services.
Zero Trust adoption will grow
With more workloads being moved to the cloud, a Zero Trust approach to security will become more compelling and necessary in 2023, transforming how you secure your infrastructure, including network penetration testing.
Automation will increase, too
It’s near impossible for organizations of any size regardless of budget to keep up with the volume of threats, which means 2023 will see even more automated cybersecurity, enabled by artificial intelligence (AI) and machine learning. The downside is the bad guys can leverage automation and AI, too, which means organizations will need to take a more active approach to cybersecurity.
Watch out for bots
Speaking of automated bad guys, be prepared for more bot activity in 2023, which can automate and expand attacks as perpetrators rent out IP addresses to make it difficult to track them.
Your own IT is a threat
Between shadow IT and the proliferation of endpoints either due to remote work or internet of things (IoT), there’s no shortage of attack surfaces for threat actors in 2023. If your endpoints aren’t properly configured and you’re not keeping a handle on shadow IT, your cybersecurity posture will be drastically weakened.
You people can still be a problem
Even with all the right technology in place, the biggest threat cybersecurity in 2023 will continue to be your own people, whether it’s by accident or due to insider threats from unhappy or former employees. Training combined with a Zero Trust approach will mitigate risk to your business.
What won’t change in 2023 is that cybersecurity isn’t something most organizations can handle on their own, so if you haven’t already, make it the year you see how a managed service provider can help evaluate and shore up your security posture.