Now, as digital, mobile, and social technology becomes an integral part of our personal and work lives, the score has changed - we are beginning to comprehend its weaknesses and our vulnerability and how this unanticipated security risk extends to the enterprise.
There are the basics that everyone teaches their kids, their customers, and their employees – don’t give you passwords away, set up one-time security pins and, if it’s important, ensure double and triple layers of security. Encrypt.
But what about the malware and ransomware that is just one careless and well-camouflaged click away?
And the new cons everyone’s being caught out by simply because, well, they don’t know enough. Like the cryptocurrency scams.
While every business will have policies and controls in place on the corporate network, there is very little they can do about staff using technology in their homes and in their everyday interactions. The bugs, malware and Trojans they pick up can and do enter the enterprise.
There are simply no boundaries anymore.
The answer? Education.
Businesses have to start educating technology users, not just protect the business.
There is no all-for-one security policy that works any longer. A security policy must be highly relevant to the organisation. The injunctions are simple:
There is, unfortunately, no winning formula. Nor can businesses simply put in security requirements for the sake of ticking a box anymore.
The security at any organisation will depend on the systems in use. Enterprises need to identify entry points to their networks and put endpoint protection in place, control access to and monitor traffic on these networks, sweeping networks clean regularly.
The enterprise must also ensure the security circle is closed, putting alerts in place and acting on those alerts, staying ahead of new and emerging threats and enforcing basic safeguards, such as ensuring users implement anti-malware on their phones.
As the extent of our digital exposure and vulnerability continues to unfold, it’s clear that businesses need to take more responsibility for educating its users.
The digital world is in its infancy and there are untold and as yet unknown ways in which our data and our online behaviour can be manipulated and cashed in on.
Companies have a lot to lose — it’s time to ensure everyone takes responsibility for putting the basics in place.