Each time you get into your car you buckle your seat belt, drive within reasonable proximity to the speed limit, rely upon safety controls like anti-lock brakes, and follow most traffic regulations. These controls are in place – and we’re willing to comply with them – because we know accidents can happen.
This is what IT needs to think about when it comes to securing their digital workspaces. They need to implement the proper safety controls to prevent data breaches and take measures to minimize the spread of damage when a breach occurs. So what are the biggest safety threats facing IT?
In a recent global study by Kensington, entitled “Voice of IT", IT executives pegged these as their top 3:
- human error
- lack of process
- workers not following established processes
Sadly, not one of them is going to disappear anytime soon. Human error is too much a part of human nature, workers are too focused on productivity to respect every process every time, and workarounds are just too easy. And how many human errors or process breaches does it take to wreak havoc with your infrastructure?
What all of these challenges have in common is that they’re introduced by the actions of workers, just as every safety system in every car around you on the road is undermined by the people behind the steering wheels.
Defensive Driving Maneuver #1: Prevent Ransomware & Other Malware Attacks
Security breaches, malware and ransomware are massive concerns. According to the Cyber Threat Alliance, CryptoWall, one of the most lucrative and broad-reaching ransomware campaigns, was responsible for more than $325 million in damages and hundreds of thousands of attempted attacks as of November 2015. Victims are usually infected via an email phishing attack to transmit malicious code. To be successful, the malware relies on nothing more complex than a moment’s worth of carelessness on the part of a single worker. And how hard is that to engineer?
Be defensive. Protect your workers and your infrastructure from simple, easy-to-make but potentially tragic mistakes. Just as airport security lines only allows travelers with valid IDs and tickets past the gates, context-aware whitelisting and blacklisting can ensure that only permitted applications can be executed – and the list of “permitted applications” can be governed by IT based on (1) what the business allows and (2) each individual worker’s context at the moment of (attempted) access.
Defensive Driving Maneuver #2: Automate Policy-driven Onboarding and Offboarding
One of most haphazard processes I see in any organization is around providing app and service access to workers when they first join an organization, transition into new roles, or leave the organization. How commonplace is it for a worker to retain access to cloud apps, company email or more weeks or even months after their departure?
Part of any good safety procedure is ensuring that everyone and everything is accounted for. Think about the buddy system where everyone has someone looking out for them. It’s a simple safety measure, but highly effective. So why can’t onboarding follow the same protocol? Here’s how. Automate the processes and workflows that govern the access each worker has to each system. Determine what the access should be for each person, based on immediate working context, and track it for guaranteed, easy audits. Now you can adjust for role changes as if you had the latest self-driving car technology, and instantly revoke access when a worker leaves an organization. It’s like taking the keys away from your 16-year-old son. Nobody gets what they shouldn’t have. And there are no unfortunate accidents to clean up.
Defensive Driving Maneuver #3: Steer Clear of Shadow IT
“I want it now!” Workers who don’t immediately get what they need from IT will simply find an alternative. They’re often just a credit card away. The result is “Shadow IT,” which creates a whole new set of security and compliance risks. This is a key reason why IT pros make themselves readily available for access requests or ad hoc needs 24/7. But what if you could offer on-demand self-service – easy enough to provide the access workers need, and smart enough to prevent workers from circumventing access rules?
If your workers are looking for a fix for an on-the-fly access problem, give them an easy solution: a centralized, self-service location where they can request apps and services from IT and get instant gratification. This can be password management, access to a new data drive, or a request for a particular app. The best way to prevent workers from going around procedures is to give them an instantaneous and reliable way to get what they need.
Introducing RES ONE Security
These are just a few accident-avoidance suggestions – things meant to help you keep out of trouble in what is becoming one of the most challenging roles in the enterprise: keeping the organization on the road, while avoiding impacts, accidents or even tragic losses.
Introducing RES ONE Security, a workforce-oriented approach to delivering technology in the safest way possible for the digital workspace. Our people-centric approach to security protects against internal and external threats, gives back control to IT organizations and – most importantly – gives workers the freedom to choose how, where, when and from what device they want to work.
Like any safety protocol, security should come naturally. When you buckle your seatbelt, are you consciously aware of engaging in a safety protocol? Or is it just something you do because you’ve long since concluded it’s the smart thing? Security should happen the same way and be non-restrictive for the worker who, after all, just trying to get his or her job done.