By Sachin Nigam, CTO & Co-Founder of Goavega Software
Even as the world comes to terms with the new normal in the post COVID era, the cyber space continues to remain one of the most vulnerable dimension for businesses and economies. While e-commerce and increasing digital adoption across sectors, has been a saving grace for the both, government and businesses, the increased instances of data fraud, cyber security breaches and ransomware/ malware attacks, are posing a huge threat to not just the financial security but also personal privacy and life at large. Additionally, the ‘work from home’ mandate has forced several businesses to allow employees to access and share sensitive data through their home or private servers which lack the requisite data security and protection. From fintech, ecommerce and education technology applications to the more sensitive health technology solutions are increasingly falling prey to cyber-crimes, even as the governments and economies come to terms with the legal framework and secure SOP protocols, to avoid further crimes.
As an enterprise, under such conditions, it can be tough to always be on the edge and look out for possible cyber frauds or data breaches. However, listed here are 5 simple cyber security protocols that can go a long way in protecting not only the corporate and financial data of the company but also ensure the safety of end consumer, partners, and vendors.
1. Adopt Cloud Computing: A move to cloud based tools can help ensure a centralised data storage and management system that allows selected and marginal access to different set of people within the same company or among the customers and vendors. Additionally, the secure server and single device management can be created to be in-tune to ensure remote systems have up to date critical patches.
Set SOP for remote working staff: Setting up and educating the remote workforce and those working from home, about set cyber security protocols, can go a long way in ensuring cyber security. From using security practices that do not put any confidential/IP data at risk to using interactive and engaging methods to educate the workforce, several traditional and innovative methods can be implemented to ensure the security SOP’s are in place. The training part can be gamified so that employees find it engaging rather than treat it as just another training program. There are many ways to gamify the employee awareness programs on cyber security including Capture the Flag etc. These gamified trainings, coupled with strict adherence to new policies and remote work SOP with well-defined DOs and DONTs, are a key to ensure there is uniformity in security practices.
Make use of VPN/tunnelling for accessing sensitive data: VPN or Virtual Private Network is one of the easiest and secured method to set up a safe and encapsulated connection over a public or unsecured network. Tunnelling also allows for a relatively secure data exchange over a well encrypted network connections. Leveraging these technological tools can help strengthen the remote workforce of the company while also helping partners, vendors, and colleagues, to remain safe.
Third Party Compliance: While all measures are being taken to ensure a safe network and exchange of data happens within the company and its employees, it is equally important to ensure that third party partners and/or vendors are also compliant with company’s cyber security policy. From education and training programs to specialised VPN and encrypted communication platforms, organisations can help build a strong, safe and well- connected network of business stakeholders, irrespective of physical presence.
Run scheduled vulnerability scans: This is as important, if not more, than actually setting up a system, protocols, and SOP’s. By regularly running both internal and third party vulnerability checks (or WPAT or otherwise), organisations can gain valuable insights into the potential security threats while also measure the efficacy of the current cyber security set up, both in a safe environment and on all systems exposed to public.