The Importance of Being Diligent About Cybersecurity
May 9, 2018
The more advanced technology becomes, the greater the risks that can arise.
Statistics show that cybercrime is at record levels while solutions (and user responsibility) are struggling to keep up. With technology’s evolution becoming unstoppable, we ask if cybercriminals will prove to be the same…or if the future can be secured.
In our previous blog, we looked at how technology is accelerating. To understand the future, let’s examine the present. When 2018 began, it found a world of 4 billion internet users. 3 billion of these users advertise their lives on social media, with 90 percent owning a mobile device of some kind. Total mobile device users surpass even internet figures; 5 billion of us now carry a cellphone.
More machines, more machines
These numbers give some idea of how many are at risk from cybercrime, but even more so when we consider how few protect themselves. Microsoft reported last year that as many as 44 percent of their users are open to infection. More alarmingly, the government IT watchdog MeriTalk highlighted in April just how shaky network security is on mobile platforms, even at the highest levels.
Their data shows that not only are millions of citizens losing private information to hackers, but the locations of governmental and military bases are being revealed by network security leaks.
As for what’s ahead, the global community is set to foot a bill for $6 trillion in cybercrime damages by 2021. Since any hope for a secure future must come from government on down, it’s important to look at how the people in charge are handing network security.
How network security hinges on user responsibility
It’s not that government isn’t trying to implement network security policy; it’s that many employees don’t follow the rules. They persist in using exploitable apps and technology which compromises their workplace and, in some instances, society itself. A few examples:
- 72 percent of employees connect their personal devices to federal Wi-Fi
- Over 67 percent store government work on personal devices
- 50 percent of employees in government installations take photographs
For the average person who doesn’t safeguard their device and behavior, consequences can be serious such as data loss, identity exploitation and loss of finances. For those at the highest level of work, failure to monitor digital habits could be disastrous for everyone.
Self-awareness is where network security begins, and this means staying alert regarding the vulnerability of ourselves, our peers, and our devices.
Self-monitoring as a first step to safety
Users must remember how much of a hybrid they are with their device. As such, a few simple steps can greatly reduce mutual risk. By installing and updating antivirus, regularly changing passwords and keeping social media sharing as general as possible, users can begin to lay the groundwork for network security.
Of course, since we’re all interconnected our own security depends on others being equally sensible. As the examples above illustrate, the workplace is a hot spot for hackers. Keeping personal and work accounts separate will not only protect individuals, but their teammates and the companies they work for.
What companies can do for network security
Even the most security-savvy user is still at risk. Consider the major security flaws found in processors and server chips from Intel, ARM, and AMD. The ominously named Spectre and Meltdown flaws exploit PCs, smartphones, and tablets to funnel customer and business information to hackers.
The companies have taken measures to patch up the leaks, but it’s all too indicative of how fast bad guys can move. Mobile networks already offer a wealth of user data for hackers to exploit, from complete data profiles and pictures to whether a user is even at home (thanks to geolocation technology).
The bad news is that many of these features are auto-enabled and users aren’t even aware they’re operating. The good news is this can be used to give users control in future. Mobile devices typically require permission from their users to gather information, and permission can be denied.
Geolocators can be deactivated, contact lists kept secret, and cameras locked. Some data-gathering features are still beyond user control, but as the security landscape becomes more hazardous, manufacturers can and must put more power in the hands of the user.
There are a number of best practices which small to medium enterprises should ensure they implement. The most obvious is the use of an external firewall. Many companies go one step further and utilize not only an external firewall but internal ones as well to provide additional levels of security. There needs to the expectation that mobile devices will be used by employees.
We wrote a blog on BYOD (Bring Your Own Device) and the best practices associated with the use of personal mobile devices in the corporate environment. It is essential that employees are educated about the importance of maintaining a secure operation; including the use of safe and strong passwords, ensuring data is backed up, and that anti-malware software is implemented and updated. Sometimes, even with the best preparation an employee can make a mistake and compromise your network. It is highly recommended that you implement multi-factor identification to provide an extra layer of protection. (source: Cox BLUE).
Security is serious business but it can be a moving target. Cybersecurity must be a top priority for your business and every employee needs to be on-board. Our network team stays constantly educated on the latest in cybersecurity, attending multiple conferences every year to stay up to date on protection schemes to ensure our network is safe. We hold all-employee meetings multiple times per year on best practices to be sure that everyone is kept up to date. We know that our business and our partner’s business depend on it.