Critical Cybersecurity Protocols To Implement

Employees in the office or out and about are commonly using mobile devices, yours and theirs.  Your network is vulnerable wherever they are. 

It used to be that workers would come into the office, sit at their desk, work for eight hours (with a break for lunch in there somewhere), and then go home. Now, however, work is moving out of the office and into, well… everywhere else. With teleconferencing, smartphones, cloud computing, and a long line of other mobile technologies, today’s workforce has evolved. Workers are used to always being on the go.

For that to be possible, though, they need to be able to access their work data from anywhere. The world has adapted to the point where that “always connected” mentality is necessary. The problem with being able to access your data from anywhere, though, is that other people can find ways to access that data, too—people you don’t want going through customer information, company financial records, and other secure data.

Security provider Blue Coat reports that the average data breach costs an organization $10,000, with some breaches being more commonly reported in the tens of millions. In order to lower the risk of such a breach, it’s wise to put security protocols in place and map the process out on in a step-by-step format via workflow management software for the entire organization to see. Here are a few protocols you should keep in mind when creating this process internally.

Install malware protection software

Mobile malware used to be uncommon, but its popularity is growing. In the past, it was difficult to infect an Apple mobile device with malware, because it required the user either to actively download an infected app from Apple’s store or to jailbreak their phone in order to install their own unauthorized apps. In 2015, however, it was discovered that attacks using XcodeGhost and YiSpecter did not require those same vulnerabilities. To counteract these and similar threats, companies should make sure that any device employees use to access the company’s network or records has malware protection installed.

Update apps as soon as possible

Cybercriminals are working day and night to find and exploit new vulnerabilities, and the people who built the apps they are attacking are working just as hard to fix those vulnerabilities. Get your employees in the habit of keeping all apps on their phones, laptops, and other devices they use to connect remotely in order to remain protected against breaches.

In the same vein, enforce a policy that regulates which apps employees can and cannot download or access using the company network.

Require a PIN/passcode for all mobile devices

Criminals looking for secure data may not even need malware if they can get their hands on an employee’s mobile device. Whether the employee has stored the secure data on their device or regularly uses it to access the company network, it presents a vulnerability. The first step to closing this security gap is a simple one—require all employees to utilize a PIN or passcode in order to unlock the phone. Make sure that it is a secure password and that it locks within five minutes.

When it comes to passcodes, longer is generally better. A four-digit PIN means there are 10,000 possibilities, but professional hackers won’t be deterred. On iOS, your employees can go into settings and turn the “Simple Passcode” setting to Off.

Set up devices for remote wipes

If one of your employees actually does lose their phone, whether it was stolen or misplaced, you don’t want that data to be outside of your control. If all else fails, you need to be able to take that information out of the wild. 

Set up your devices so that, in an emergency, you can access it remotely and wipe all of the data stored on it. Depending on the type of device your employees are using, this might require you to download a special app, or it might come as part of the standard suite. With the remote wipe enabled, a lost device will still be the loss of an asset, but it won’t necessarily become a security breach.

CTO Vision:               BYOD Security Report:
 

« AI Ushers In A Whole New Era Of Hacking
China's Great Wall Into Russian Cybersecurity »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cambray Solutions

Cambray Solutions

Cambray Solutions specializes in locating and securing technical professionals, managers, and executives.

Akin Gump Strauss Hauer & Feld

Akin Gump Strauss Hauer & Feld

Akin is a leading global law firm providing innovative legal services and business solutions to individuals and institutions. Practice areas include Cybersecurity, Privacy and Data Protection.

Arxan Technologies

Arxan Technologies

Arxan is a leader of application attack-prevention and self-protection products for Internet of Things (IoT), Mobile, Desktop, and other applications.

France Cybersecurity

France Cybersecurity

France Cybersecurity represents the French cybersecurity industry to raise international awareness of French cybersecurity capabilities and solutions.

Kenexis

Kenexis

Kenexis is a consulting engineering firm providing services for process hazards analysis, fire and gas mapping, and industrial cybersecurity.

CSL Group

CSL Group

CSL solutions provide complete end-to-end connectivity services for Security, Fire, Telecare and other mission critical M2M/IoT applications.

Jeffer Mangels Butler & Mitchell LLP (JMBM)

Jeffer Mangels Butler & Mitchell LLP (JMBM)

JMBM is a full service law firm providing counseling and litigation services in a wide range of areas including cyber security.

Digital Transformation EXPO (DTX)

Digital Transformation EXPO (DTX)

Digital Transformation EXPO showcases the latest technology and insight from the world’s leading brands and experts in DX.

Capula

Capula

Capula is a leading system integration specialist for control, automation and operational IT systems across all applications and industry sectors.

InnoValor

InnoValor

InnoValor realises value from digital innovation for organisations and government. We provide advisory services and develop innovative software solutions, based on our background in research.

CyberSwarm

CyberSwarm

CyberSwarm is developing a neuromorphic System-on-a-Chip dedicated to cybersecurity which helps organizations secure communication between connected devices and protect critical business assets.

Crypto International

Crypto International

Crypto International offers comprehensive services for the operation of our customers’ IT and communication infrastructure, with a focus on cybersecurity and encryption solutions.

SAM Seamless Network

SAM Seamless Network

SAM Seamless Network is a cybersecurity technology platform that protects the connected home, by tackling cyber security threats at the source.

Intrepid Solutions and Services

Intrepid Solutions and Services

Intrepid Solutions and Services provides technology solutions and professional services to key components of the intelligence and national security communities.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

CyFlare

CyFlare

CyFlare’s security platform integrates your tools with ours – delivering true positives, automated remediation, and interactive analytics built for security management teams.