By Gary Evans.
In previous articles, my colleagues discussed the enormous changes ushered in by the Covid-19 pandemic. As the virus endures and businesses continue to rethink their work model (remote, in-person, or a hybrid of the two), network security must remain front of mind. Your firm’s security investment—and this includes time, money, and personnel—is critical as it protects revenue and reputation.
How comfortable are you doing business with a firm that has suffered data breaches? Probably not very. Your customers hold the same expectations of you. Taking the time to properly protect your data and the equipment that stores it will go a long way to fending off network attacks such as ransomware, intellectual data theft, and CEO fraud (where someone pretends to be your CEO or other C-suite executive to access business funds).
Security, then and now
Prior to the pandemic, security plans focused heavily on the workplace—be it one building or numerous sites—and the employees and equipment within it. IT departments would perform updates, fixes, and other tasks necessary to keep things humming along. That’s not to say there weren’t breaches. There were. But “protecting the perimeter,” as security professionals like to say, was a bit easier. That’s no longer the case.
Today, the perimeter is vastly expanded. Workers might log in from home, a coffee shop, or a VRBO. Which means they’re using myriad Internet connections to tap into the firm’s servers. And many are on personally-owned equipment—be it a cell phone, tablet, or desktop. This is a change from years past when almost all workers were chugging along on company-issued technology. If your employees are using their own equipment, you need to know what security systems they have in place and how often they are updating that security.
In a video interview, Vision Net cybersecurity expert Ben Mayo discusses key steps to bolstering network security. I’ve compiled some of the most critical steps below:
- Education first. Make this the foundation of your security program. Focus on people, process, and procedures. Teach your people to recognize and report threats. And make sure this is part of the onboarding process for any new employee.
- Update your devices regularly. Security is not a one-and-done deal. You must stay on top of it to stay ahead of threats. Security patches and software updates are there for a reason. Use them across your PCs, phones, firewalls, and network gear.
- Provide remote employees with company-owned devices. Ben calls this “defending the end points.” Include end point device purchases in your fixed asset budgets to ensure your employees can rely on secure company-owned devices when traveling or working at home. Ensure all devices are protected with the best possible end point security solution such as Vision Secure, Vision Net’s suite of next generation anti-virus, anti-malware and anti-scripting software. Combining industry leading end point protection, end point detection, and response, our Vision Secure suite positions your remote and corporate staff to be safe and secure regardless of network or location.
- Know what’s on your network. This includes hardware and software. When you know exactly who’s logging in and on what equipment, you can leverage the most comprehensive security measures for your situation.
- Access the experts. The Center for Internet Security (CIS) provides more best practices in its Top 18 Critical Security Controls: https://www.cisecurity.org/controls/cis-controls-list/
Another best practice? Continual monitoring and support. If you have the manpower, you can do this yourself. Most companies hire a third-party firm such as Vision Net to manage this critical step. Make sure the firm you work with offers 24/7/365 network monitoring. Threats often reveal themselves outside of typical business hours. Additionally, be sure any network security firm you hire is equipped to support you with problem-solving as needed.
The Right Mix of Security and Solutions
Reducing exposure to cyber security threats requires investment, planning, employee engagement via education, and continuous attention. But don’t confuse quantity with quality. Having the right mix of security tools and solutions is essential. Sometimes, people think more is better, but that isn’t always the case. The most important thing is that you are deploying the right solutions. Good security protects revenue, assets, and reputation. These days, it’s also a key product differentiator among discerning customers.