Employees with remote access to corporate networks continue to increase organizational vulnerability to cyberattacks. The proliferation of “bring your own device” (BYOD) equipment that includes personal smartphones, laptops and tablets, only increase organizational vulnerability.
In addition, remote workers’ use of public Wi-Fi in coffee shops, airports and hotels bypasses the organization’s secure VPN, opening more “digital doors” to unauthorized parties.
As organizations move increasingly to decentralize operations, the question becomes, “How can the firm protect itself from this growing vulnerability?” Network administrators, IT systems managers and even corporate leadership can all play a role in reducing their firm’s vulnerability.
- Control the device at the corporate level. BYOD devices should be actively managed (a process called mobile device management, or MDM), preferably on a dedicated platform, which is the basic hardware and software on which business applications reside. MDM tools ensure patches and updates are applied on a regular basis and enable remote IT support for problems. The best ones enable companies to manage device storage to segregate, restrict, and/or encrypt company data, control remote lock and wipe, scan files for malware, and more. The easiest way, by far, to make sure your MDM process is up-to-date and your mobile devices are protected is to hire an outsourced IT department, also called a managed service provider (MSP).
- Backup data regularly. Whether stored in the cloud or at a data center, automated backups have long been a foundation of IT and corporate security and continuity. With mobile devices becoming ubiquitous, those backups must extend to them, as well. They should include not only secure, encrypted backup of corporate files but also peripheral information such as contacts, emails, and other business data.
- Protect company email at the office. Many business leaders—and even IT pros—focus on device security only at the unit level. In reality, anything that originates at the office can often be protected there. One example is the award-winning Barracuda Essentials for Office 365, which manages and filters all inbound and outbound email traffic to protect against email-borne threats and data leaks. It also encrypts messages and spools email to the cloud if local mail servers or servers hosted in the cloud go down.
- Teach users to “own” their security. Educate users or have your MSP educate your users about what they can do to help secure their devices and their data, and continue to update them as new information emerges.
- Leave the hard work to the professionals. Small and midsized businesses (SMBs) struggle to manage technology—and security in particular. Cybercriminals know this, which is why they target SMBs so heavily. MSPs can secure organizations with all of the protections discussed here, and more, often for a single, affordable per-user fee.
For business leaders that ignore mobile security, the million-dollar question isn’t “Are We Vulnerable?” It’s “How Long Until an Attack Cripples Us?” You may have already been breached and not even know it.
To learn more about securing your organization and the benefits that managed services agreements provide, give Carmichael Consulting a call at 678-719-9671.
