As the Covid-19 pandemic continues to wreak havoc on social and commercial structures around the world, bad threat actors in cyber space are poised to take advantage of the chaos that will inevitably ensue.
Cyber threats were already a huge enterprise challenge. With enterprises now suddenly finding themselves with thousands of people working at home, what should your strategy be for protecting your sensitive data and systems?
This is the third in a series of four blogs designed to support and inspire technology leaders at this disorientating time. Here, I look at how to better manage compliance and risk, maintaining vigilance over more ‘traditional’ data center threats like DDoS attacks, which will likely ramp up in the short term as criminals seize the pandemic as an opportunity for gain.
This blog is part of a series dedicated to exploring four key questions that any CIO trying to steer their organization through this disrupted period now urgently needs to answer.
- How do I manage complex human capability?
- How do I uphold enterprise resilience and capacity?
- How do I maintain cybersecurity?
- How do I keep Digital Transformation moving?
Today, I am looking at the third question on the list: Maintaining cybersecurity
Bad cyber players love a crisis. Covid-19 has created the perfect storm for criminals intent on breaking through security controls while enterprises are naturally looking elsewhere, focusing on reshaping around the new remote working reality and keeping the lights on.
Estimates I’ve read suggest that as much as 90% of all workers are now home-workers using home networks and a mishmash of corporate and personal end points to get their jobs done. These uncontrolled new home hubs will inevitably open up corporate systems and data to significantly higher levels of cyber risk.
Data access is obviously king in today’s digitally-driven enterprise and it needs to be maintained by enterprises at almost any cost; but security and compliance are costs too high. Working out how to balance these imperatives certainly is not a new challenge for enterprise technology leaders and security pros. What is new is the speed with which the status quo has changed and the dramatic shift in reliance on home-networks which has totally changed the shape of the problem.
Right now, many customers I am talking to are feeling shell-shocked by events and struggling to know where to focus first. I would like to help by trying to boil the security and compliance part of this challenge down.
Look both ways. Right now, significantly more work is being created in uncontrolled home environments. Yes, this gives cyber criminals a new attack dimension. However, it is important for enterprises to keep their eye on the ball in terms of traditional threats to the data centre too such as popular DDoS attacks. These typically originate all over the globe and are likely to increase in the short term. What is your strategy for combating damaging DDoS activity?
Strengthen your end-point stance. Many enterprises have not spent much time on end point security, often only doing the basics required when it comes to their Microsoft Office 365 platform or Windows OS, deploying the security controls available within the remit of their Microsoft Enterprise Agreement. What can you now do to harden your systems and reinforce endpoints?
Small steps, big impacts.
- Patching, patching, patching. Enterprises need to prioritize patching programs and accelerate these activities ahead of all other security concerns as the key focus for teams right now.
- Get VPN up to capacity and enforce use. Virtual Private Networks are a CIO’s greatest ally. However, most are both under capacity and under used by employees. The next focus should be on increasing VPN capacity and insisting that home-workers use it. How can security teams manage this activity and police it? There needs to be a plan.
- Updated end-point OS upgrades. Security teams also need to ensure that everyone has an upgraded OS with all the latest security standards in place. Again, they need to work out how to manage this activity and police it.
- Shift data protection focus to near-term operational recovery. Enterprises need to be extra-diligent about all forms of data protection and put near-term operational recovery considerations ahead of long-term data retention.
- Consider creating a secondary Security Operations Center (SOC). This could potentially be externally managed to proactively address security problems 24/7: particularly useful when running a global operation.
As the world moves towards cloud-centric IT delivery, if you have a Virtual Desktop Infrastructure (VDI) in place you need to ensure that it is working as powerfully and securely as it could in these unprecedented times. Can your existing VDI solution really support your home-working population now and future proof your business against any new operational challenges that may arise?
The latest VDI solutions can give your people always-on access to enterprise apps supported by incredible business continuity, security and compliance advantages. They can help enterprises:
- Limit data loss from user devices and edge locations in the event of a ransomware attack
- Protect and rapidly recover data as and when unforeseen events unfold
- Monitor how data is being accessed and by who
- Extend self-service flexibility to end-users, supporting version-control and recovering hijacked or deleted data in the event of ransomware infiltration or accidental deletion
- Exercise full visibility and control over security, compliance and governance
If you do not yet have a VDI in place, I would suggest that there really is no better time to think about making the move
Security and compliance are obviously challenges that cannot be left on the backburner. With all evidence showing that cyber threats are on the rise I hope you have found some of the advice in this blog useful and feel ready and able to give your enterprise the extra protection it needs.
Paul Lewis is the global chief technology officer at Hitachi Vantara and can be reached at email@example.com. He can also be reached on LinkedIn at https://www.linkedin.com/in/paullewiscto/ and on Twitter via @PaulLewisCTO.