Through 2020 and into 2021, cyber threats have increasingly targeted the end-user working from home, with attackers exploiting unprepared and distracted employees with laptops full of corporate data.
Cybercriminals using ransomware and other ‘fearware’ approaches know that many newly hybrid workplaces – those with some people working remotely and some in the office, perhaps part of the time – have not yet adopted best practice for this situation.
A key threat landscape report from Bitdefender, for example, has shown that cyberattacks involving ransomware multiplied sevenfold in 2020 – and cybercriminals have even begun targeting backed-up data, typically stored in the very systems meant to act as insurance in case of data breach or loss. These trends are set to continue.
The good news is that building the cyber resilience that shores up an organization’s defences against such threats need not be a complex or costly exercise. In fact, it can be achieved by focusing on just four areas.
Mandate offline back-ups
Forrester has found that 83% of IT security professionals are finding that the expanded infrastructure they are now forced to oversee and manage has added complexity to their security challenges.
A really strong first step can be to make each individual employee responsible for backing up locally to a corporate-approved encrypted storage device – as we all know, delegating, when appropriate, can relieve the load by distributing work with accountability across a team.
Using offline backup technologies, especially in addition to cloud backup and other systems and applications, ensures data can always be recovered, thwarting potential ransom attempts. And with 256-bit AES-XTS hardware-encrypted portable drives with capacities of 18TB available, the task becomes easy: every remote worker can save data securely offline at any time for local recovery, in parallel with a centralized backup plan.
Ensure control at the endpoint
This expansion of complexity across organizational infrastructures, their staff, partners, and customers underlines the importance of investing in straightforward endpoint controls. This means considering the roles played by laptops, desktops, and BYOD devices connecting to the network, and then securing them.
Deploying the right solutions at the endpoint can allow employees to use their own hardware safely and give them autonomy – enabling them to, in effect, manage their own data. This guarantees operational agility as well as defence against today’s increasing risk of cyber-attack.
Gain visibility of all data
Another critical action is to ensure the organization develops and maintains an up-to-date view of all data and information assets and where they reside – typically by implementing appropriate monitoring and management applications or utilities, which can be sensor-based, hardware-based or software-based.
Systems and processes must be put in place to ensure that an organization can easily control who is able to access information and whether it has been or could be put at risk.
Currently, as our own 2021 Global Security Survey has highlighted, many IT security professionals, and by extension, their organizations, are placing too much trust in employees when it comes to handling data safely.
Many enterprises benefit from technology that delivers oversight of the full environment, including an ability to configure and manage all endpoints. Meanwhile, ensuring a 360-degree view of all data can facilitate a fast and accurate response to any incident – or regulators’ questions.
Encrypt all data as standard
Here it should be added that encryption shouldn’t stop at the offline storage device.
Yet while many businesses do encrypt data held on mobile or removable storage devices, our 2020 research suggested that fewer companies may have looked at expanding their use of encryption beyond these to laptops, desktops, or even mobile phones. The risk this poses should be a major concern for all corporates today, not just governments or highly-regulated sectors such as financial services that are handling sensitive personal information.
Every organization should look at developing a policy that includes mandated procedures for encrypting all business data, whether it’s at rest or on the move – from headquarters to home office and back again.
That way, if the worst nevertheless happens, information lost or revealed cannot be deciphered.
For encrypting data at rest, FIPS 140-2 Level 3 hardware encryption is currently the gold standard. It should go without saying that encryption policies must also be regularly evaluated as the cyber threat landscape continues to evolve.
Mandated encryption is a vital compliance tool too. Organizations must be able to demonstrate that they have properly secured their information. In the event of an actual data loss or breach where this is not the case, they have little defence against the heavy penalties that can be levied under the likes of the General Data Protection Regulation (GDPR).
The last 12 months have reminded us all that even the most successful businesses can fall prey to disruption – whether caused by a data breach or global crisis. Organizations were already shifting the focus of their cybersecurity strategies from ‘complete security’ to building resilience – the ability to prepare for, react to, and recover from a cyber-attack.
Organizations must therefore strengthen their ability to retrieve and restore data fast after ransomware or any other cyberattack incident, prioritizing the minimization of downtime so that, no matter what happens, they can get back up and running quickly. In addition, they need to be able to establish and remediate causes of disruption – while continuing to demonstrate transparency, compliance, and due diligence.