Opt for enhanced enterprise security amidst the pandemic By By Rana Gupta, VP India & APAC Sales, Cloud Protection and Licensing, Thales

Opt for enhanced enterprise security amidst the pandemic

By Rana Gupta, VP India & APAC Sales, Cloud Protection and Licensing, Thales | Monday, 08 June 2020, 11:40 IST

  •  No Image


Amid the unprecedented global health crisis, organisations have been exploring various business continuity plans. The world is becoming more digital as a result of social distancing and lockdowns, raising the increase in usage of the digital channel for various day-to-day personal as well as professional tasks. From shopping of essential items to important banking transactions to meetings via video conference, it is all happening over the internet.

The COVID-19 pandemic has forced employees to work remotely leading to a wave of innovative and tech-centric solutions used by organisations. This remote work setting is gradually becoming the new normal with organisations coming to terms with its operational benefits. The reduced operational expenses and saved commutation hours are setting the precedence of new and innovated business working models, a shift from usual traditional organisational setup.

However, as more organisations are increasingly adopting the digital medium to stay connected and productive, the risk to data privacy is also increasing. With data exchange happening on unsecured networks and devices, it is getting exposed to cyber criminals and hackers, who continue to devise numerous ways to steal organisations’ critical information. This further re-emphasises the need to protect access to organizational data. The responsibility of this rests with both the organisation and its employees.

Data must be protected at all stages including at source, during transit and at the point of access to ensure the confidentiality, integrity and non-repudiation of data. Organisations must deploy robust cyber security and encryption technologies at source to ensure that data remains safe and, even in the eventuality of a breach, this data is rendered useless to cyber criminals. There are some key strategies that organisations must apply to ensure that their data is secure. For instance, Smart Access Management policies should be implemented along with multi-factor authentication measures. Such a combination ensures that employees access enterprise applications only from authenticated devices. An example of such a combined solution is SafeNet Trusted Access (STA) which provides organisations with Multi Factor Authentication as well as Smart Single sign-On (SSO). This then further allows delivery of a range of authenticators including Grid and One Time Password (OTP) on mobile phones.

 

Cloud migration and adaption of cloud infrastructure are key in today’s situation. With the emerging need and culture of working remotely, we expect to observe a rising trend in adoption of cloud services by various organisations. Although every trusted cloud service provider provides basic native security in terms of encryption, it is critical for organisations to also ensure control over the security of their information right from the time of transition to cloud. For this organisations need to ensure security of encryption keys. This can be done using well trusted secure key management tools such as CipherTrust Cloud Key Manager and SafeNet KeySecure control over encryption.

 

Additionally, organisations also need to ensure that they are protected against incidents of social hacking where hackers cause disruption by getting inside an organisation’s critical IT infrastructure. Hackers can do this via various methods such as fake emails or unauthorized access to privileged accounts. Here, organisations need to look beyond software solutions and ensure that encryption keys are securely stored and managed inside Hardware Security Modules (HSM). Such a setup provides the coupled benefits of comprehensive security and protection of organisation’s and their customers’ confidential data.

 

Another very important safety aspect is the consistent communication among employees in a secure digital environment. This gains even more importance in a remote-working setting where the employees need to be in constant touch with colleagues, customers and partners. This need cannot be addressed by regular messaging apps or online meeting tools, as they are not designed for secure organizational communications. Hence we need remote collaborative applications carefully tailored and designed securely with this very need in mind, such as Citadel and Cryptobox that provide a balance between convenience and security and are already in use by the French government agencies and major enterprise customers.

 

In addition to the prerequisites for organisations, there are certain guidelines that remote employees should adhere to and ensure minimization of risk at their end -

· Avoid the use of any insecure device, network and unapproved tools and services

· Access only approved websites and channels and avoid consumption of fake news and misinformation

· Use the IT solutions provided by the company that are equipped with adapted levels of security

· Ensure that network discovery function is turned off and they stay private by covering webcam and deactivating microphone after teleconferences

· Care needs to be taken when employees access vulnerable social networks. They need to make sure that they do not access social media on business devices and have updated anti-virus solutions installed

· Should keep themselves updated with refresher courses on information security so that they are aware of various cyber security related concepts that need to be kept in mind while working remotely

 

In the time of current crisis, the digital medium is rising to play an important role. As the pandemic continues to spread around the world, it will become even more imperative for organisations to look for advanced and secure digital solutions to adapt to the demanding tasks in hand. The impact of the COVID-19 pandemic has demonstrated the value of IT and digital transformation across industries and businesses must utilise this time to do an honest self-evaluation and speed up the digital transition.

CIO Viewpoint

Winning The Cyberwar: Are You Well-Equipped?

By Manikant R Singh, Chief Information Security Officer, DMI Finance

Enterprise Security? No Easy Talk

By Yogendra Singh, Head-IT, Barista

Security At The Initial Stage

By Ashok Tiwari, Head IT, Varroc Lighting Systems (India) Pvt. Ltd

CXO Insights

The Path To Managing Data As An Asset

By Lenin Gali, VP, Data Engineering, Quotient Technology

The Benefits Of Cloud Email Security

By Murali URS, Country Manager - India, Barracuda Networks

Is Secure Access Service Edge(SASE) Part Of...

By Archie Jackson, Senior Director and Head of IT & IS, Incedo Inc

Facebook