Cyber Security Tips For Digital Collaboration

Cyber Security Tips

October is National Cyber Security Awareness Month – a joint effort by the Department of Homeland Security and private industry to ensure that citizens and businesses alike have the resources they need to use the Internet safely and securely. Today’s cyber criminals are ingenious and constantly probing for vulnerabilities, and when breaches occur they can put the whole company at risk. Don’t give them the opportunity!

One of the biggest security challenges companies face is that the way we work together has changed dramatically – a transformation that is still ongoing. The term “workplace” is becoming an anachronism as people find new ways to collaborate digitally, anywhere, at any time. Sensitive information needs to be shared among dispersed teams that may include co-workers, partners, customers and other stakeholders. Some of these individuals are vetted and trusted, others…not so much.

Since most security breaches start with human error, now is a fitting time to share some reminders for employees and business users. Think of these as your first line of defense when collaborating in an unsafe world.

Don’t Intermingle Work and Personal Files

Always keep business and personal files separate, otherwise you’re asking for trouble. (A certain presidential candidate learned this the hard way!) For cloud apps, use separate accounts. If work and personal files must be on the same device, store them as far apart as possible, using different directory paths.

Use Strong Passwords and Keep Them Safe

According to Verizon’s 2016 Data Breach Investigations Report, 63% of confirmed data breaches involved leveraging weak, default or stolen passwords. Employees, contractors and everyone else in your business ecosystem should be required to use unique credentials with strong, unique passwords, rather than the name of their pet goldfish over and over. Even if a password is exposed just once, the potential consequences are enough to make a security manager cringe. Remind people that the infamous Target breach began when some hacker stole a heating contractor’s credentials, while at Home Depot, someone used a vendor’s username and password to steal credit card info for more than 50 million people.

Verify Email Addresses Are Correct

According to a Ponemon Institute survey of over 1000 IT professionals, 63% of respondents have accidentally sent files to the wrong recipients – people who clearly were not authorized to see them. Here’s a simple suggestion: if an employee needs to send an email to someone for the first time, have the intended recipient send an initial email so the employee can respond to it and use it thereafter. This eliminates the chance they’ll get the address wrong – misspell a company name, forget a dash (or add one), use “.com” instead of “.org“, etc., and send a file goodness knows where.

Don’t Send Sensitive Files using a Consumer-Grade Service

When employees need to share a file that’s too large for email, it’s tempting to send it through Dropbox, Box or some other consumer-grade file sharing service – or simply park it there for convenience. While many of these consumer-grade services have improved their security measures in recent years, they lack the file-level security and controls necessary for protecting sensitive data. For example, a file may be intended for information only, but people are saving it, renaming it, forwarding it others, pasting sections into a competitor’s sales campaign or misusing it in other ways that the sender never intended.

Have Remote Erase Capabilities, or an Effective Alternative

People are always losing their devices – at the airport, in the back of a taxi, at a restaurant, etc. If a device is used to store sensitive data, it also needs a remote wipe feature to be able to erase that data in the event the device is lost or stolen. (NASA learned this lesson the hard way.) Another approach that’s much more flexible is to use information rights management (IRM) software that can delete sensitive files instantly, on any device.

Don’t Share Your Devices with Family and Friends

With the holidays approaching, many people will be receiving new devices (laptops, phones, etc.) as gifts, and family and friends will be pleading for a chance to use them. According to a survey by Kaspersky Lab, one third of respondents reported sharing their personal devices, and of those, 32% took no precautions to protect their information. Why tempt people? In addition, some family members probably have minimal awareness or understanding of today’s cyber threats, and how cunning the perpetrators can be.

Stay Safe Online – and Collaborate with Confidence

Since most security breaches start with human error, educating your staff is an obvious way to reduce the risk. But we also have to remember that training only goes so far – whenever human beings are involved, there’s always the chance of risky behaviors and silly mistakes. And if someone takes advantage of a security lapse to sneak onto your network and steal sensitive data, the damage may not be apparent for weeks or months.

Thus a company has to back up its first line of defense with other measures to keep its information safe. Consider a solution that embeds encryption and user privileges directly into a file, including who is authorized to access it and what operations they can perform with it. These permissions then follow the file wherever it goes on, on any device it lands on. If sensitive data falls into the wrong hands, access can be immediately revoked. Companies get control over their files that’s not available with email or traditional file sharing. As business becomes increasingly powered by digital collaboration, it’s the way to keep sensitive information secure while using it to full advantage.

By Daren Glenister

Peter Tsai

Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Updated: 11.19.2020 What is IaaS? Infrastructure as a Service (IaaS) allows you to rent computing resources from a third party that you then access through the web. You essentially outsource having to set up ...
Kevin Julian

Patients Increasingly are embracing technology, and so must the pharmaceutical industry

Patients Increasingly Embracing Technology COVID-19 has driven home the need to use digital solutions more broadly, which means C-Suites may be turning to their CTOs for advice As lockdown restrictions went into effect due to ...
ISC2 Webinar

Key Results from the 2021 Cloud Security Report

2021 Cloud Security Report The 2021 Cloud Security Report, sponsored by (ISC)2, explores current cloud security trends and challenges, how organizations are responding to security threats in the cloud and reveals tools and best practices ...
Couchbase

Episode 12: Transitioning from a Relational to NoSQL Cloud Database

Relational to NoSQL Cloud Database Like so many other areas of technology, the database is changing. For a long time we worked with relation databases and SQL, but the demands for flexibility, security and speed ...
RPA-Data

How Digital Service Providers (DSPs) can Leverage RPA to Accelerate Data Migration by 2X

Accelerate Data Migration by 2X Ongoing trends in the Telco/DSP industry such as M&As, migration of the application to the cloud, and modernization of legacy applications have increased the frequency and scope of data migration ...