In Australia, the Notifiable Data Breach scheme showed revealed that in the 12 months to May 2019 there were nearly 1,000 data breaches of which two-thirds were malicious and 32 percent were caused by human error. This statistic is proof that improving security systems in the modern workplace should be a priority.
If this upgrade is not done correctly, it can compromise not only business goals but also open them up to security challenges. This doesn’t mean businesses should abandon their digital transformation strategy altogether. In fact, our research found that nearly 40% of Australian organisations are not embracing newer, emerging technologies due to concerns with security.
To ensure your strategy and business ambitions are not undermined by security, there are a few simple processes that can go a long way to securing your firm’s data:
1. Think outside the building: The perimeter of the modern workplace is constantly being redefined. A proliferation of new end-point devices and the demand for anytime, anywhere access means installing firewalls and physical security is no longer effective - the solution needs to move with the device. Appropriate solutions might include identity-based or role-based access.
2. Streamline and simplify: The mistake many organisations make is continuing with legacy security solutions when they go through transitions. This is especially true if previous migrations were simply a lift and shift to a new destination, without taking the opportunity to rethink and update your security posture. It won’t matter how well you configure new cloud applications if your central identity platform is leaving you exposed.
Not only is this unnecessary ongoing cost to the business, it is confusing and often masks problems, allowing threats and breaches to go undetected as CIOs untangle a complicated web of legacy security. Research has found a breach can go undetected for up to 99 days!
3. Use what you’ve got: The most cutting-edge, state-of-the-art security system means nothing if it’s not used. According to our research with 100 Australian C-level executives, IT and business decision-makers, half of them say their organisations have basic security practices in place such as password rules (for example length or type of characters), regular password resets and multi-factor authentication.
What most users are unaware of or don’t know how to fully harness is the fact that most modern workplace platforms have powerful security tools and capabilities already built in. Organisations that have embraced the cloud can employ powerful security capabilities out of the box, with intuitive configuration that enable users to proactively ensure good security behaviours and reduce the strain on IT support.
4. People power: One of the most pressing security considerations of the modern workplace is people. Just over half of all CIO’s (51%) say the biggest threats facing their organisation come from within. These threats fall into two categories: witting and unwitting participants.
To prevent deliberate malicious use by employees, businesses must ensure they have properly configured access policies and have the tools in place to automatically spot and prevent suspicious behaviors from inside. Making safe, approved behaviour streamlined and easy goes a long way to keep data secure and on the proper channels. If pain points are preventing employees from working efficiently, the risk of unmanaged Shadow IT are increased.
5. Be proactive: No organisation is 100% secure, but again, that doesn’t mean companies should be lax when it comes to data protection. Being deliberately and openly vulnerable is not an option. Unfortunately, sometimes a breach is what it takes for security to be taken seriously. Modern workplace security seeks to reduce the damages and speed your reaction time if, and when, breaches occur.
Modern workplace, modern problems
Technology can facilitate great work from the modern workplace, at scale, but can also expose vulnerabilities which, if not addressed with good security practices, can hold the business back from achieving its potential.
By being proactive about securing their data, shifting their security from physical proximity to virtual, and streamlining whatever complex legacy systems they have built up, and ensuring their people are fully briefed and on board with protecting their data, organisations can use their technology to its full potential.