Opinion

Don’t let data security be your Achilles heel in transformation

The ruthless rampage of Cyberattacks is a worrying trend that threatens organizations of all scale. However, it should not slow down the adoption of latest technology offerings. Instead, devise strategies to ensure that security is met along your transformation journey.

Niloy Mukherjee Aug 24th 2018 A-A+
Niloy-Mukherjee-Dell.jpg

Cyberattacks have been on a ruthless rampage over the past few years, afflicting all in its path. While this is a worrying trend that threatens organizations of all scale, it should not be the factor that slows down our rate of adoption when it comes to the latest technology offerings. Instead, we should be devising strategies to ensure that security is not the underlying factor stopping us from achieving great milestones in our transformation journey.     

Given employees of enterprises in Asia Pacific and Japan (APJ) are using many different devices on a daily basis, they can work from almost anywhere as long as there is a mobile or Wi-Fi connection. This inevitably leads those devices being connected to multiple public networks, exposing them to both physical and digital vulnerabilities.

According to the Dell End-User Security Survey, four in ten employees across enterprises admit to having poor cybersecurity hygiene at work, such as connecting to public Wi-Fi to access confidential information, using personal email accounts for confidential work or even losing a company-issued device. All of these actions open more avenues for cyber-attacks to be launched against your enterprise – something we definitely need to avoid. In order to protect ourselves against this, there has to be more sophisticated protection, especially focused on protecting critical business data.

As we change the way we use technology, we are opening our systems up to data security threats more and more. While this is a legitimate concern for a lot of us, it should not be a deterrent in our digital transformation journey. Particularly in APJ, these threats have the ability to paralyze organizations since not all of them are equipped to deal with such massive blows to their systems.

According to Europol, the WannaCry ransomware attack reportedly infected more than 230,000 computers in over 150 countries just within a day of being launched, crippling many organizations across the globe. Given the severity of the situation, how exactly can we fight such uphill battles against cyber threats?

There are three key areas that we should look into in order to cover up any loopholes that can be leveraged against our operations as we continue our journey to transformation:

Minimizing human error through employee education

Despite the rigorous adoption of data security measures by many enterprises, a gap that continues to be a challenge in this aspect is the human element. The survey mentioned above found that 72% of employees are willing to share sensitive, confidential or regulated company information. This is an alarming figure, as it clearly points towards a poor understanding of the implications information sharing has on security.

The groundwork to reducing human faux pas is through ongoing employee education. To address data security issues, we must focus on educating employees and enforcing policies and procedures around data security at all points, without hindering productivity. Ongoing reminders on potential risks and data security best practices are also a much needed step to ensure practices and procedures are followed thoroughly in order to secure data while maintaining productivity.

Beyond employee education, we should also review our workplace policies and data handling measures to minimize the risks associated with human errors.

Deploy data protection from the point of creation

To unlock the speed, agility and innovation of today’s mobile workforce, data protection at the point of creation is an essential component. With the presence of sophisticated endpoint data security solutions in the latest technology devices, data is protected on various fronts– from allowing secure, convenient access to web and applications, to detecting and thwarting malware and threats in real-time.

Given the nature with which cyberthreats are evolving, many security solutions these days have an added feature of centralized encryption and endpoint security management that enables faster deployment of security patches and updates. Being confined to your desk can now be a thing of the past, thanks to such defenses powering your devices against threat actors.

Multi-level and business unit involvement to ensure success

Instead of the IT department bearing the sole responsibility for security strategies, it is important to bring security discussions to the boardroom and beyond. According to the Global State of Information Security Survey 2018 by PricewaterhouseCoopers, it is important for C-suite executives to establish a top-down strategy and work closely with all levels of the organization to manage cyber and privacy risks.

Working closely with the C-suite and other business units will allow the IT Department to develop simple, clear policies that address common scenarios across the workplace. This will also ensure that endpoint and data security solutions implemented are applicable to various operational activities. This action is vital in achieving optimal balance between protecting data whilst empowering employees to be more productive.

These steps are only the beginning. Given the evolving nature of cybersecurity threats, it is imperative for us to be on our toes at all times – working harmoniously as one unit in our battle against the cyber terrorist. We cannot afford to raise the white flag against our cyber enemies – as this will come at a risk of slowing down digital transformation, something that we simply cannot give up on during our pursuit for internal process improvements. A nimble and innovative approach is the way to go in addressing security challenges in the long run.

Niloy Mukherjee is Vice President, Product Marketing, APJ, Client Solutions, Dell.

Disclaimer: This article is published as part of the IDG Contributor Network. The views expressed in this article are solely those of the contributing authors and not of IDG Media and its editor(s).