In A Digital World, No Company Is Immune
The recent WannaCry ransomware attack wrecked havoc around the globe and highlighted the problems of cyber security in many industries. No country or industry was “left behind.” State institutions, telecoms companies, health care organizations, educational institutions, oil and gas companies, manufacturing across the world seized operations. Downtime, regress to pen-and-paper operations and panic – these are the takeaways of WannaCry for the majority of affected businesses.
Several issues have come to the forefront in the aftermath of the attack:
- the use of the long-discontinued Windows XP across organizations
- the lax attitude to software updates and data backups
- the lack of proper security protocols
Fortune notes that “every company is a digital company now.” Every business nowadays relies on technology and the Internet for a variety of operations. Cloud is hosting a broad range of business operations from customer service to accounting. Once a company gains a digital footprint, it has a digital landscape to protect. One is inseparable from the other. Just like you protect the safe boxes in your office, you ought to protect the digital assets of your organization.
No organization is immune to cyber attacks. Small and medium-sized businesses might think they are not the priority targets, but reality says otherwise. SMBs are among the top targets for cyber criminals because they lag in cyber security, as compared to larger organizations. Additionally, SMBs present an easy entry point for attacks targeting their bigger partners, as was the case with Target.
Why Customer Data Protection Is Important
There are many reasons, but mainly due to – 1) legal liabilities, 2) brand reputation, 3) financial damage.
In the US, EU, and Asia, there are disparate, yet increasingly strict data protection regulations. Companies dealing with customer – or patient – private data are responsible for its privacy and security. Most known data breaches end up in administrative fines, audits and even revocation or suspension of license.
Once the data breach becomes known, customers seek to indemnify the damage of having their personal data compromised. Trust is broken, loyalty is undermined.
Brand damage usually goes beyond discontent customers. Lost contracts, mergers, and compromised partnerships can be enough to push an SMB out of business and cause a significant stock drop for large companies. Combined with the expenses associated with the downtime, breach investigation, and mitigation expenses, the cost of a data breach is an average of $4 million.
1. OS and Software Updates
WannaCry outbreak once again highlighted the importance of timely patches and system updates. Many state institutions and businesses worldwide were reluctant to update from the discontinued Win XP to the newer Windows versions. Despite its convenience in many aspects, there are too many risks associated with running the outdated OS.
Windows 7, 8 and 10 can be set up to receive automatic updates and security patches from Microsoft. On the contrary, if uncontrolled updates are not in line with your company policy, your admins can control the updates.
Windows tablets, medical and enterprise class, allow remote administration, including the updates and fixes. Your admins can push OS and software updates remotely, overseeing the process for the entire fleet of your devices. This eliminates the pressure on the not-so-technically-savvy end users working with these devices.
Remote administration is an essential part of cybersecurity. Your admins can sandbox applications, disable apps store, webcam, microphone, or access to public Wi-Fi. They can black- and whitelist applications and connections.
Only Windows OS allows for such flexibility and advanced control over corporate devices, so business tablets and medical grade tablets powered by Windows offer the high-end security capabilities.
2. Secure Authentication
Advanced authentication is possible when software and hardware capabilities work together to ensure only authorized personnel can access the contents of the device.
BYOD does not provide the level of sophistication, ease of use and flexibility necessary to protect your corporate and customer data from unauthorized access.
Business tablets and medical tablets, as much as business all-in-one computers, incorporate the native Windows authentication features with security of RFID SSO, Smart and CAC card reader, biometric scanners and fingerprint readers.
Security must be robust but easy-to-use. When security is too difficult and time-consuming, the employees “forget” to adhere. Advanced authentication is indispensable under the circumstances. It allows you to enforce stringent protection and grant your employees the ease of use.
3. Safe Wi-Fi and Data Encryption
Data encryption is crucial in any cyber security strategy. Windows business tablets and medical tablets come with several USB ports, and support encryption of data on external hard drives. This means your workers can encrypt data on USB dongles and external hard drives directly from the tablet – fast, secure, simple.
Configuring your corporate devices to avoid connecting automatically to insecure public Wi-Fi is equally important. When access to corporate Wi-Fi is impossible, your business tablets will ensure your field workers are online due to advanced connectivity options. Supporting 3G, 4G, Bluetooth, GSM, CDMA, business tablets are not locked to any telecoms provider, so you can set up your payment plans and bandwidth the way you need it – not the way your locked device dictates.
4. User Management, Access Restriction
Restricting access to personal information (of your employees, customers, and partners) is essential to data protection. Employees who have no need to know should have no access to confidential data.
Likewise, administrators must be able to see who accesses what data, when, from where and what they do with it. They must be able to monitor incoming and outgoing traffic. Windows remote management streamlines user administration – adding, removing users and privileges, setting up accounts and passwords.
Employee Left or Fired Access Not Terminated is a severe problem that often leads to compromise of corporate data. Eliminating ELOFANTs from your networks is another must-do.
Employees with privileged access must be able to use secure connections when outside of the office (VPN, end-to-end encryption, zero-knowledge cloud provider).
Of special note is, again, advanced authentication for employees traveling with corporate devices. Lost or stolen corporate laptops and personal smartphones often lead to data breaches. That is why business tablets come with advanced authentication mechanisms on the hardware and software level enforced by the remote location, lock and wipe capabilities.
5. Data Visibility and Control
According to Veritas and Vanson Bourne, 52% of corporate data is dark data. “Dark” is the data a company knows nothing about. Some of that data is business-critical, and its compromise brings liabilities. Some of it is obsolete, redundant or trivial. It means companies are spending large sums on maintaining cloud and on-premise data storage, 50% of which is clogged with the dark data.
The loss of data visibility is a grave issue:
- 86% of ITs believe the clog of data increases the time it takes to respond to a cyber attack.
- The average cost of storing 1PB of data per year is $5 million.
- You spend 52% of your data storage budget on the data you know nothing about.
- Worse yet, 41% of that budget goes to storing the data no one in your organization has touched in 3+ years.
BYOD and unregulated use of consumer applications (cloud, email, chat) contribute volumes to the problem. Employees treat corporate storage as personal, uploading terabytes of personal photos, videos, movies, and music files.
With corporate-controlled business tablets, your admins can regulate the storage, uploads, downloads, installations and file sharing, regaining visibility of your data and identifying data that can drive value.
To prevent your IT budget from becoming bloated and ineffective, you must regain visibility of and control over your data. Corporate-owned business tablets let you do that. BYOD does not.