As IT security has evolved and improved during the past 20 years, one factor has remained the weakest link: humans. Whether through malicious actions or unintended behaviours, it’s people who are responsible for a large proportion of the data losses and disruptions that occur.
Human failings happen in a range of ways. The inadvertent sharing of a password can lead to an attacker gaining easy access to corporate systems, while opening an email attachment containing malicious code can have the same result.
Security issues can also arise from careless work practices. Sensitive customer data could be stored on an unencrypted laptop which is subsequently left in a taxi. Alternatively, files could be stolen when an employee logs into core systems from an airport lounge via an unsecured Wi-Fi network.
Faced with these issues, many organisations have taken the approach of adding additional security requirements for users to follow. These could range from requiring login passwords to be changed monthly or mandating that VPNs be used when working remotely. Alternatively, the policies might more tightly restrict access to certain data stores or disallow staff from installing anything but approved apps on their smartphones or notebook PCs.
However, such approaches are not always a success. Human nature is such that, if a barrier is placed in someone’s way, they’ll work hard to find a way around it. For this reason, as well as deploying new security measures it’s also vital to explain to staff members why the changes are being made.
They need to understand the benefits of adhering to the new requirements and be mindful of the ever-changing threat landscape in which their organisation operates. This can be achieved by having regular security briefing sessions at which both the threats and the measures needed to counter them are explained.
Such an approach is also likely to make staff members more proactive at spotting potential threats and reporting them to the security team. This could be a matter of identifying suspicious email attachments or unusual messages that don’t seem as though they have come from a legitimate source. A well-educated workforce can be once of the most effective security measures an organisation can create.
The role of the cloud
Another strategy that can help organisations overcome security threats that might be caused by humans is embracing the cloud. Indeed, since entering mainstream business usage, cloud platforms have become one of the biggest positive security game changers ever developed.
Prior to the cloud, security professionals had to be very aware of how much data they were storing. The volume of security logs and other information had to be curtained to ensure the cost of storage did not put too much strain on IT department budgets.
Now, the economies of scale offered by cloud platforms have changed the game, radically lowering the cost of storage and allowing security teams to collect and retain vastly more data.
This change is significant as often the task of a security professional is to look for anomalies that could be indicators of fraudulent or criminal activity. In some ways, it is like a doctor trying to find cancerous cells among the billions of cells in the human body.
This ability to store vastly more information is particularly important when an organisation is faced with new developments such as the Internet of Things. IoT networks generate vast quantities of data and being able to store and sift through this data to identify potential security problems is vital.
Dismantling data silos
Coupled with this plentiful cloud storage resource is the rise of standardised data interchange formats such as JSON. This allows data from different sources to be more easily managed as a whole, reducing the workload for the security and improving the results achieved.
This compares with traditional security practices that would have involved dealing with data produced by separate devices, such as firewalls and antivirus tools. Now all data produced can be handled in a similar way, increasing the likelihood that potential problems will be identified.
Rather than juggling multiple data stores, security professionals can instead focus on looking for patterns in the vast amounts of data being collected.
This ability becomes even more important when you consider the increasingly interconnected nature of modern business. Organisational IT infrastructures are no longer islands but constantly share data with external parties. Thus, being able to efficiently and effectively monitor large volumes of data traffic and identify anomalies is vital.
To achieve this, it’s important for an organisation to thoroughly assess prospective external parties. It needs to be evident that the level of security protection they have in place is complementary to that being used internally.
By taking advantage of low-cost cloud platforms, making use of data interchange formats such as JSON and validating the strategies taken by key external partners, organisations can achieve improved levels of IT security while allowing staff to be as flexible and productive as possible. Rather than being the weakest link, humans can remain as an indispensable part of ongoing business growth.