Cybersecurity is evolving quickly. Amidst all the uncertainty of a third pandemic year, Calgary businesses must be more proactive in order to keep their businesses moving forward. The ITeam can help you align your IT strategy with your business goals, help you meet compliance requirements, and help you protect your data with a cybersecurity strategy designed to meet the needs of your organization, and there are new trends on the horizon that may impact your business.
The Rise of Remote Working
One of the biggest shifts in the workplace that escalated during the pandemic is remote working. Supporting remote workers over the last several years has revealed gaps in cybersecurity. We’ve worked with several of our Alberta clients to shore up their cybersecurity to accommodate staff working from home. Remote work will only continue to increase, so it’s important to make sure you have policies in place to govern the process. In addition to creating a remote work policy, there are a number of steps you can take to support your employees in their efforts to work from home, including:
- Supplying employees with laptops or loaning monitors so that you can prohibit the use of personal computers for work and reduce your risk
- Increasing your number of VPN licenses and ensure you have the bandwidth to handle the additional users
- Implement VoIP or use an app that will forward calls to the employee’s cell phone
- Encourage and employ video conferencing, instant messaging, texting, and other distance communication formats that allow your teams to stay in touch and collaborate
- Purchase any hardware your teams may need to facilitate working from home, or loan out the equipment from your office
Increase in Ransomware Attacks
Ransomware has been a growing issue threatening businesses, government agencies, schools, medical providers, and more. The threat will continue to grow this year, as we’ve seen with the log4j zero-day threat. According to Reuters, ransomware attacks increased by 151% in the first half of 2021. And according to the Communications Security Establishment (CSE), “Ransomware operators will likely become increasingly aggressive in their targeting, including against critical infrastructure.”
As threat actors continue to become more sophisticated and targeted in their attacks, organizations will need to work diligently to remain one step ahead. This means stepping up employee training and awareness programs, moving deeper into a zero-trust climate, increasing the use of information security tools, and establishing separate and secure offsite backup and disaster recovery.
Widespread Adoption of MFA
In the not-too-distant future, we can hope that usernames and passwords will become obsolete. But until they do, the extra layer of security added by multifactor authentication will become the norm. Most of us already use MFA for banking applications (you get a text with a code to enter after logging on with your username and password, for example). But in the next year, MFA should become commonplace. MFA is a solution your organization can use to make it more difficult for someone to hack into your data with a compromised username and password found on the dark web. It makes it virtually impossible for someone to hack into the protected account.
Requiring MFA for access to your business network isn’t troublesome or time-consuming. It’s the smart way to add a layer of protection that prevents unauthorized access to your network. Calgary businesses need to begin recognizing that employing MFA as part of their overall IT security strategy can literally prevent security breaches by implementing MFA as a part of their overall IT security strategy.
Increased Threats to Cloud Security
The benefits of cloud services – scalability and efficiency, cost reductions – often outweigh the risks. But misconfigured cloud settings are akin to lighting a neon sign and saying, “Hack me.” They occur far too often. With the average data breach costing more than $3.5 million, increasing cloud security is essential. MFA is a part of this increased security, but so is managing access to your network, partnering with an MSP who can help monitor for threats and ensure the application of patches are completed in a timely manner.
It’s impossible to prevent employees from using mobile devices for work. It makes your employees more efficient – but these devices have also introduced a huge new threat, especially with the growing ubiquity of IoT. The same phone your employee uses to access your network might also be connected to their fridge, their car, and their doorbell. There are more access points than ever that lead to increased risk. Mobile phones are being used to conduct business whether you authorize it or not, so your best bet for protecting your organization is to have a highly sophisticated MDM security plan in place that includes the following:
- Strict usage requirements that include installing your security on the device being used and requiring the use of a secure network when conducting business
- Remote wipe capabilities to disconnect the device from your network in the event that it is stolen, or the employee leaves the organization
- A no-tolerance policy for any employee who refuses to comply with the security requirements
The Push for Data Privacy
First there was GDPR, then PIPA. HIPAA in the U.S. Now, many countries are considering data privacy laws similar to Europe’s. As data privacy becomes global law, the businesses who fail to protect that data will find themselves not just losing customer loyalty but also facing significant fines. Ensuring you meet the local and global compliance requirements for your business will be essential.
The ITeam understands the cybersecurity trends that will challenge businesses in Canada. We are committed to helping Calgary- and Alberta-based businesses develop proactive, cost-effective IT strategies that minimize risk and maximize efficiency. Contact us to learn more.