It Doesn’t Take a Bad Actor to Create an Insider Threat
In our last post, we explained why consumer-grade file-sharing services are risky business in terms of data security. These tools are handy, but they provide very little control over how information is accessed and shared.
It has always been difficult to keep documents up-to-date and ensure that everyone on your team has the right version. Now that many employees are working remotely and sharing documents via mobile devices, the problem has only become more acute.
Cloud-based file-sharing services such as Dropbox, iCloud and Google Drive seem to provide a simple solution.
Virtually all companies today depend on computer networks to link employees, suppliers and customers, exchange information and facilitate a variety of essential day-to-day tasks. Unfortunately, that makes them susceptible to cyberattacks. It’s why all companies need an incident response (IR) plan — a structured process for detecting, responding to and recovering from cybersecurity incidents.
The Twitter hack last month demonstrates once again why managing access rights and user identities has become a critical element of cybersecurity. Hackers used stolen credentials to access the social media platform’s internal tools and commandeer the accounts of a virtual Who’s Who of politicians, celebrities and technology magnates.
Many organizations have had to scramble to implement technologies that enable work-from-home staff to access applications and data. Now that the initial transition is over, organizations should take the time to ensure they have well-defined policies and procedures governing remote work.
Enforcement of the California Consumer Privacy Act (CCPA) began as scheduled on July 1. Any organization covered by the law could be fined up to $7,500 per data record for failure to comply. What’s more, the CCPA allows individual consumers to file lawsuits against businesses for data breaches if the state attorney general declines to prosecute the case.
When millions of Americans shifted to work-from-home arrangements due to the coronavirus, it exacerbated one of the most troublesome aspects of cybersecurity — endpoint protection. With employees now using a multitude of devices such as smartphones, laptops, tablets and desktops to access the corporate network, IT security pros are left to deal with multiple new attack surfaces.
Network attacks, malware campaigns and phishing scams are on the rise as cybercriminals seek to capitalize on our increased anxiety about the coronavirus pandemic and the lax security measures of at-home workers. According to the FBI, threat reports through the first six months of the year have already surpassed the total for all of 2019, which was widely considered to be the worst year ever for cyberattacks.
Wi-Fi has become an essential business tool, capable of enabling greater flexibility, operational efficiency and customer service. But because Wi-Fi transports data over radio frequencies, it is vulnerable to six threats that don’t impact the wired network.
Businesses are aggressively adopting cloud-based productivity suites to improve agility, efficiency and collaboration in a work-from-anywhere world. Two of the more popular platforms, Microsoft’s Office 365 and Google’s G Suite, have hundreds of millions of users.
