Your employees want to be able to jet off to an exotic island for a month, or maybe more practically, do a bit of work while they travel. You’re understandably worried about what this means for data protection, security, productivity and collaboration.
We can’t sort out the last 2 for you, but we have tactics you can use right now to secure your organization.
With a solid data protection plan in place, it won’t matter if your employees are working from a poolside cabana, their home office or from a cubicle in your headquarters. Security can be as mobile as your workforce, traveling with them wherever they go.
Your first step is to protect all devices and accounts.
5 Security Controls To Add to Your Devices and Accounts Right Now
1. Strong passwords baffle the bots
Let’s dispel a common perception about cybercriminals right now. Hackers are not sitting hunched over their computers, manually typing in your username and password. Bots do it for them. The maliciously programed robot quickly runs through weak choices, like Password123.
Odd character combinations are harder to crack
Password generators provide long strings of numbers and characters that protect you against AI-powered bots. Don’t attempt to memorize the random combinations and definitely do not store them in a document on your computer or a draft email. Use a password manager to secure all credentials.
2. Multifactor authentication stops account break-ins
Bots are only one piece of equipment in the hacker’s unethical toolkit. They can get into your account through other means, like:
- Keystroke logging malware
- Phishing schemes
- Buying your personal information on the Dark Web
Multifactor authentication renders those tactics obsolete
The hacker can steal your password, but you’re the only person who gets the code.
3. Quickly uncover breaches with endpoint detection
Any device connecting to your network is an endpoint, and each endpoint is an opportunity for cybercriminals to slip into your systems. It can be months before you realize their presence. Endpoint detection solutions monitor your devices 24/7. Suspicious activity is immediately flagged for review. The faster you can discover an issue, the quicker you’ll recover and the less money you’ll lose.
At Zimcom, we use endpoint detection and response to secure virtual machines and stop breaches before they happen.
4. Limit admin access, decrease risk
Cybercriminals target admin accounts because this level of access grants them vast power. With an admin account, they can change other users’ permissions, disable security configurations or even lock you out of your own system.
Most of your employees don’t require admin access, so don’t give it to them
If a legitimate need arises, grant it on a temporary basis.
5. Solidify your WiFi plans
Unless your employee’s poolside cabana is in their backyard, they’re hopping on a flight and staying in a hotel or rental equipped with WiFi.
Public WiFi isn’t secure
What’s offered in vacation rentals isn’t much better – any previous guest could have hacked the router.
Require traveling employees to only connect to password-protected WiFi
An even better step is to have anyone working outside their home office or your building use a virtual private network (VPN).
Once you’ve secured devices and accounts, make sure the cloud environment you’re connecting to is safe.
2 Tips for Improving Cloud Security
1. Understand what’s included in your public cloud solution
Touting “exceptional” cybersecurity, Microsoft, Google and Amazon get businesses to sign up for their public cloud solutions. Except the promises don’t mention a critical point. Those cybersecurity features aren’t automatically up and running on day 1.
You or your cloud provider has to:
- Turn on the protections
- Properly configure everything
- Provide ongoing security management
If you skip those steps, you’re in an exceptionally vulnerable position – not a secure one.
Depending on your license, certain features won’t be available
This chart from Microsoft shows how features vary between different enterprise licenses. Few people have the time or desire to do this kind of deep dive (We don’t blame them). Your cloud solution provider will save you from this exercise. Call them. Discuss your license, ask about what’s included and what additional steps they’re taking to protect your data.
2. Ask your private cloud provider how they protect your data
Private cloud solutions offer a higher degree of control of resources, costs and security. During your migration, you and your cloud provider hopefully discussed data protections. It never hurts to check in with your provider and check that your cloud is properly configured and secure.
Here are 7 cloud security essentials you want to talk about when you meet:
1. Ransomware Protection
2. Multifactor Authentication
3. Endpoint Detection & Response
4. DDoS Protection
5. Web Application Firewall
7 Essentials To Protect Your Business
Get your secure cloud hosting checklist
1 Critical Safeguard
Many cloud providers ask you to pay extra for a protection every Zimcom client has built into their service offering: 30 days of backups, including a copy to another secured data center.
So why do we automatically put this in our solutions instead of making it an add-on cost? It’s insanely easy to lose data. The “delete” button or a distracted click can wipe out valuable information, instantly.
Human error is the leading cause of data loss
A study conducted by Tessian and Stanford University found that 85% of breaches are caused by human error. To find out why, the researchers dove into the psychology of workers who experienced an attack.
WFH made people distracted and dangerous
Breaches and data loss frequently occurred when people were distracted or stressed. A rapid shift to working-from-home and the uncertainty of the pandemic caused both to skyrocket. There’s only so much you can do to alleviate anxiety. You have more options when it comes to stopping data loss.
Tailored backup, disaster and recovery plans keep you secure and compliant
Stray clicks shouldn’t cause you to lose invaluable data. Our 30 days of backups is a starting point. We then work with clients to create a customized backup and disaster recovery solution to meet their data retention, compliance and security needs.
Put Cloud Data Protection on Autopilot
Your employees want to continue working from anywhere. We want to help them do it safely. You have enough to think about without worrying about cloud data protection. Let us manage your cloud security.