How to protect your business during a cyber attack

Swivel Secure CEO Adrian Jones offers up his advice on what to do if your technology infrastructure has been breached.
Author:
Publish date:
adrian jones swivel secure

We have become completely surrounded and reliant on our devices, as the environment we live in is continuously overcrowded by technology advancements. Businesses have become immersed in digital technologies in order to remain efficient, maintain effective communication and produce significant revenue to stay profitable.

With this, businesses have become extremely vulnerable to hackers whilst relying heavily on digital infrastructure. Sensitive data becomes easily accessible once the digital system has been compromised and infiltrated.

Businesses are often complacent and quick to underestimate the potential detrimental effect when its technology infrastructure is breached by hackers.

Vulnerability is high with the rising popularity of businesses using cloud services, due to its appealing storage and computing advantages. For example, when businesses start to outsource their data, more precautions ought to be taken rather than less, to control exactly who can view the shared files. The best way to avoid such a risk is by ensuring that only the authorised people can access the data and that files are shared in real time.

Data leakages, malicious hacks or compromises of user accounts are just some of the external threats that affect the cloud, but that doesn’t mean it should be seen as a blind spot for businesses. The best strategy is to implement the traditional precautions like strong authentication and risk-based authentication (RBA), to protect the data held within the cloud service.

Passwords are usually the only barrier between us and our data, making them an extreme vulnerability for a business of any size. Two-thirds of people use no more than two passwords for all their online accounts and 40% of them store all their passwords in a document.

With large enterprise organisations holding huge amounts of sensitive data, that many team members require access to, cloud-related data breaches are a high risk. One way to reduce these breaches is by implementing risk-based authentication.

Highly-sensitive business data becomes an easy target to hackers when anyone within the business team is granted access with one password. However, by restricting user access, you are minimising the knowledge of valuable passwords and cyber attack risk. For example, granting access to only management positions and denying the access for others, automatically contains the risk for passwords to spread whilst also pinpointing the responsibility if data leaks were to occur.

A simple solution to help businesses enforce quick and effective data restrictions is through risk-based authentication. This is a policy engine designed to determine the level of authentication required for each user to access cloud applications.

Using a set of rules and points system, a business is able to allocate the level of security required. For example, an individual’s access can be determined by the device they are using, their geographical location, as well as the application they are trying to access and many more variables.

This is also a great way to improve business productivity through granting users quick and seamless authentication when necessary.

Unprotected data and accessibility are of the most common downfalls for the majority and can result in detrimental outcomes like closing downs or lawsuits if confidential data is exposed.

In order to keep up with the increasing security risks and technological developments, businesses can look to protect their most vulnerable aspects with intelligent security solutions like two-factor and risk-based authentication. Businesses need to start changing their attitude from “it won’t happen to us” to “it could happen to us and we need to be proactive in ensure we prevent it”, as it is, unfortunately, a reality.

Adrian Jones is CEO of Swivel Secure.

-------------------------------------

PCR's Sector Spotlight on Security - in association with BullGuard - is running throughout October - click here for more articles.

bullguard spotlight


Like this content? Sign up for the free PCR Daily Digest email service to get the latest tech news straight to your inbox. You can also follow PCR on Twitter and Facebook.

Related

1-simon-shiu.jpg

How to protect from firmware attacks

Firmware is an often overlooked area when it comes to security, but Simon Shiu, head of Security Lab at HP Labs, believes that more can be done to ensure that devices can be securely updated