With businesses of all sizes turning increasingly to the cloud for storage needs and application hosting, security ranks high on the list for ensuring system availability and data integrity.
What steps should your business or enterprise take to maximize security and minimize risk?
Trends to Watch in 2019
Protecting your data and business functions from cyber thieves and hackers is a never-ending challenge. The Internet of Things (IoT) continues to reveal new vulnerabilities for such criminal elements to exploit.
New initiatives and regulations will prompt businesses to address cybersecurity in new and creative ways.
1. Privacy Regulations
The EU has now implemented the General Data Protection Regulation (GDPR) that provides significant fines and penalties for businesses that fail to comply with the new requirements for securing the personal data of EU residents. The challenge to security teams and businesses is that the legislation does not clearly define personal information, nor what constitutes “reasonable” steps to protect it. The onus is therefore on business owners to define those interpretations broadly, to escape penalties.
The trend? With the EU’s adoption of GDPR, it’s a safe bet that many countries will follow suit.
2. Managed BYOD
Mobile workforces utilize their personal laptops, tablets, and smartphones to access corporate applications, email, text, and much more. With BYOD (Bring Your Own Device) being commonplace today, many vulnerabilities are present due to unprotected operating systems and public networks.
Businesses need to incorporate new safeguards and management capabilities of personal devices, to minimize risk to their organizations. One of the most effective ways to mitigate cyber security risk is to equip all employee devices with VPN services. This ensures their internet connection is encrypted no matter where they are access company data and systems from.
3. Reigning in Personal Access Privileges
Many companies have put less emphasis on access rights provided to internal employees. This has already begun to garner more attention, as security tools become more sophisticated in tracking the activities of personnel.
Privileged accounts, such as those provided to network managers and other administrative-level resources, will become less all-encompassing. Shared administrator accounts will become a thing of the past, so that activities can be traced to an individual, not a group.
Implementing an Identity Access Management tool (IAM) will be an important initiative for many enterprises.
4. Securing the Cloud
Most enterprises now operate at least portions of their business portfolio in the cloud – even if only to support global email services or similar functions. Smaller companies have leveraged cloud hosting for primary business functions, to avoid building internal IT organizations and to control costs.
The problem? Not all cloud services provide the level of cybersecurity that protects personal information or company-confidential records.
2019 will usher in tighter scrutiny on cloud security, as cloud providers are charged with demonstrating auditable proof of adequate security measures.
5. Two-Factor Authentication
With the ease cyber thieves now have in compromising passwords, two-factor authentication (2FA) will be a trend adopted by many businesses and service providers. Passwords will likely still serve as one of the two factors. Other options may include:
- Authentication applications that ask a previously-answered question, and match the answer
- Biological attributes such as fingerprints or retinal scans
- Tokens mated to a physical device – tablet, laptop, or smartphone
What Action Can You Take Now?
Being knowledgeable of the coming trends in cybersecurity is the first step toward preparing your business and employees for changes that are trending for 2019.
Your best defense today, and throughout 2019, is to make every employee aware of basic cybersecurity best practices:
- Secure your passwords – make them as strong as possible, and enforce regular password changes
- Test and audit your existing security defenses, and take immediate action for vulnerabilities
- Identify your most critical data, prioritizing protection accordingly
- Maintain awareness of legal obligations to control access to personal/medical records
Ponemon Institute’s recent study estimates the average cost of a data breach is up 6.4% over the prior year, to $3.86 million. Taking action now to protect your business, customers, and employees from cyber attacks will minimize your exposure to these criminal elements.
