‘Securing the New Normal’ emphasizes cybersecurity
This year the question on the minds of business owners is most likely, How do we keep succeeding in the current business environment?
This question was answered at a recent virtual Hawaiian Telcom University event themed “Securing the New Normal: Cybersecurity in 2021,” with co-host Fortinet, a global cybersecurity solutions provider. Data outlined by Fortinet also indicated old vulnerabilities are resurfacing. During a time when the need for identity and asset protection is as great as it is, today’s businesses and those in development need to do what they can to prevent, detect and respond to threats.
Prior to March 2020, sensitive data attackers needed to gain access behind seven or more layers of security so the amount of effort required was not equal or greater than the potential payoff, leaving attackers to go elsewhere. An average office worker in the average office building with an average IT staff had a few things going for them. That worker was likely sitting at a company-issued computer that received automated updates, anti-virus protection, system backups, business-class network security and possibly redundant or software-defined internet connectivity.
However, fast-forward to 2020 and that same worker may have some of those protections but none of the management overhead. In the last year, COVID-19’s forced transition to remote work resulted in many businesses unintentionally reducing the number of security layers for remote employees, and that same employee may now just be getting by on their own personal computer using their ISP-provided router that was not designed to protect against high-profile attackers. This worker is no longer benefiting from the layers of security necessary to offset the potential risk to the business.
So, what actions can be taken? Start with the basics and work up from there.
1. Take inventory of your assets.
You cannot secure anything until you know what you have. A building wouldn’t be considered secure unless the exact number of existing exits and entrances was known. IT infrastructure and systems are no different. Create a running inventory of all virtual and physical systems and their locations. Then build on that list with cloud services, increasing the IT inventory every time a cloud service is added.
2. Update your assets.
After inventory’s been taken, start verifying everything is updated and patched regularly or through a scheduled process. Also, make sure there is a way to verify completion in the future. The check could be an email reminder or an automated IFTTT (if this, then that) action. Don’t over-think this; just make sure your known assets are now getting patched.
3. Secure your assets.
Pick a password management tool, and use it for storing passwords and access methods. Take the time to execute this critical step, and make sure there are zero overlapping passwords for IT systems or infrastructure to maximize protection.
Finding the right balance between cybersecurity and business agility might seem daunting, but protecting your business, especially during the current changing landscape, will set the stage for future success. These steps might not solve every problem to come in 2021, but they will strengthen your positioning to be ready for any challenges.
Evan Horton is senior manager — network services operations for CBTS. He can be reached at evan.horton@cbts.com.
© Honolulu Star-Advertiser
Visit this article in the Star-Advertiser.