The world today is hyper-connected. We are always online via our smartphone, our laptop, or even via our ‘smart’ car. This also means that you can access your company’s data and apps from any location. But are you aware of your cyber hygiene?
Always on: that’s good for the user’s experience. But it has one major disadvantage: more possible attacks. People download many apps, while the threats are becoming increasingly sophisticated. You can install those threats on your device or network without noticing it. It is happening every day. We recently held a local survey among a representative panel of 500 IT managers and IT professionals (in the Benelux). No less than 64% of the respondents had at least 1 security issue last year, with malware occurring most frequently.
In addition, data are increasingly becoming “business critical” in a business environment. Traditional security – best compared to a castle with thick defense walls – no longer works in this digital landscape. But how can you prepare or defend your company from those attacks?
Invest more in security?
That’s possible but not very effective. Spending too much of your IT budget on security chokes innovation. Moreover, our CEO Pat Gelsinger said earlier: “Security has been broken. Companies spend a large part of the IT budget on security today. It’s even increasing, but at the same time the number of security breaches – and the costs – are growing faster than the total amount spent on security. “
You can’t protect everything
And scanning all the bad things will be impossible in the near future. So, inherently better protection means that undesirable behavior can be identified. With this new approach, legitimate users can do whatever they want, as long as it stays within the set parameters. This is the only way in which a company can benefit from the power of digitization without being exposed too much to the risks. VMware provides a software layer that we lay over the data center, cloud and peripheral infrastructure. This ensures maximum visibility and clarifies the interaction between users, apps and data. And threats can be identified before they have an impact on the work.
Cyber hygiene
Even more important than security technology is your employee’s behavior. It’s very important that everyone in your company, from IT managers and professionals to employees, is aware of the five principles of ‘cyber hygiene’:
1. Limited privileges
Give employees the minimum necessary access to data they need to perform their work.
2. Micro-segmentation
Divide the IT environment into smaller parts in order to be able to manage it more easily and to limit the damage (by isolating the infected part from the rest) in case of a breach.
3. Encryption
Encrypt all data when you send or save them. If someone steals those files, the hacker only has unreadable data.
4. Multi-factor authentication
Single passwords are no longer sufficient today. It is more secure to have the user ID and system components verified with multi-factor authentication.
5. Patching
Keep your systems up-to-date, because an outdated version of software is de facto a security risk. Try to automate them.
If you implement these principles in your company, then your security odyssey will not become an agony! Listen to Joe Baguley, why the basic principles of cyber hygiene are so important for your organization: