The growing prevalence of mobile workers globally, and in New Zealand, means the perimeter of an organisation’s network could, literally, be anywhere.
The hyperconnected world brings opportunity and risk, says Dimension Data New Zealand CEO Jo Healey.
Speaking at the launch of New Zealand’s annual Cybersecurity Awareness Week, Healey shares a four-step process to help companies stay cybersecure.
The steps are designed to help businesses of all sizes to balance the need for a free and mobile workforce with security requirements, says Healey.
The goal of Connect Smart Week is to raise cyber awareness for individuals and organisations.
The biggest risks to our cyber security are not coming from what we may think are the most obvious sources, says Healey. “It is every day users, who are often the weakest links in the chain.”
Users have become the ‘new perimeter’ of an organisation, particularly those who are accessing key systems and data via devices that aren’t comprehensively managed by the business, says Healey, in a statement.
“While it is easy for an organisation to secure its systems in the workplace, today’s workers are not static, she states. The growing prevalence of mobile workers globally, and in New Zealand, means the perimeter of an organisation’s network could, literally, be anywhere.”
Cybercriminals know that if they can reach a user they can gain access to an organisation’s data, says Healey.
Attacks come in many forms. But there are four simple things organisations and workers can do to make sure they are being cyber smart.
Understand the needs of your workforce
If the end-user is the new end point in terms of cybersecurity, then engagement with the end-user should be the logical starting point in any end-user computing strategy. It’s a good idea to listen closely to what the user requires in order to complete their work tasks and find out what applications they actually use.
Understand your key risk points
You need to understand where your key risks are. This means evaluating and ranking your organisations devices and applications according to the perceived level of risk.
Develop firm, transparent policies
A firm policy framework should be based on balancing your end-user needs and your risk points. This policy can be simple but it must be clear. For example, you can govern the access to applications by device, software, or even geographical region — restricting access when exposed to high-risk networks.
Communicate and educate
The key is to communicate these policies transparently as end-users will only adopt them if they understand why they’re in place. This requires ongoing communication and education to keep users up to date and vigilant.
“The worst thing any organisation can do is ignore the risks,” concludes Healey.
Follow CIO New Zealand on Twitter:@cio_nz
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.