Business advice to avoid cyber threats

 When forming cases for building integrated security, business representatives should take into account that the paradigm itself has now changed - "if earlier we built a certain perimeter around the organization so that no one could get in there, now other devices (including smart devices) have become part of our information system. irons and refrigerators), which users manage to connect to the organization's remote network, that is, to corporate resources, "noted Vasily Diaghilev. Since the remote work format has expanded the boundaries of the organization's interaction with its employees, the priority of data protection has become the protection of a specific person sitting in front of a computer, "remotely", in an unprotected network, and possibly even from a personal device. 

It is this link at this stage that determines the level of protection of the entire organization, the expert noted. Lev Matveev agreed with him, stressing that now data is much more valuable than the table, chair and computer at which they work, and where they are. Other speakers also acknowledged that targeted attacks against employees can go from a small problem for one person to big incidents for an entire company.

In this regard, experts identified the following among the key recommendations for business:

the need to develop protective solutions, network policy in the company;

use, whenever possible, the services of professional outsourcing companies. "Outsourcing of information security for small and medium-sized businesses is a kind of taxi, which is inexpensive, targeted, but extremely effective," says Lev Matveev;

use of information security protection mechanisms operating in automatic mode. "Automation of information security today is the main challenge to which we must strive as much as possible", - said Vasily Diaghilev;

education of employees, familiarizing them with information security measures through seminars, trainings on the topic;

sufficient funding for the task of ensuring information security, since a reliable data protection system will not only prevent direct theft of databases and other corporate information, but also, in general, ensure the smooth operation of the organization and improve business efficiency.

Vasily Diaghilev gave more specific advice on: providing teleworkers with corporate computers; bans on the use of corporate passwords on external resources; the priority of other, more reliable formats, text files over the Word format (since phishing emails most often come in this format); encryption of documents within the company with the provision of access to them for a limited number of employees; using an automatic connection to VPN services. At the same time, the expert urged business representatives to work on the speed of decision-making, since companies that cannot quickly rebuild their business models to meet the existing realities will start to lag far behind those who did it quickly and not only at the moment, but also in the future. ...


In turn, Lev Matveev drew the attention of businessmen to the fact that work can be not only remote and not only in the office. "In the modern world, the most effective" mix "is when, for example, an employee works in an office for 2 days, and remotely for 3 days," he said.

The Computer Network Support Specialists are the trained experts and are extremely helpful in the computer networking of an organization.

Considering the issue of ensuring information security in companies, it will not be superfluous to recall the Letter of the Federal Service for Technical and Export Control No. 240/84/389 dated March 20, 2020, which contains a list of recommendations for ensuring security when implementing remote operation in terms of facilities critical information infrastructure. The document is addressed to government agencies, government agencies, Russian legal entities and individual entrepreneurs who legally own information systems, information and telecommunication networks, automated control systems operating in the fields of health care, science, transport, communications, energy, banking, etc., but will useful for any business entity.

Comments

Popular posts from this blog

How to study for such an assessment?

Starting your computer for the first time - important points

Connected, No Internet Access - How To Fix