security

Communications Tech And Cybersecurity Trends – Security – United … – Mondaq News Alerts



To print this article, all you need is to be registered or login on Mondaq.com.

Published: New Hampshire Business Review

April 7, 2023

When New Hampshire companies look for ways to bring their
budgets in line, one area they cannot afford to diminish is
cybersecurity. If anything, they often have to increase their
ability to safeguard their most important digital infrastructure as
well as protect their clients’ data. New Hampshire Business
Review reached out to McLane Middleton in Manchester to glean some
of their expertise in this arena.

Q: What are the best practices a company can adopt to keep its
remote and hybrid workers secure and connected to the company?

A: One primary risk presented by employees
working remotely is the devices they use to do so. With respect to
laptops and desktops, the following are critical safeguards:
encrypt the hard drives; do not permit workers to have
administrator privileges; deploy advanced threat detection and
prevention not just ordinary anti-virus; enable local firewalls;
and ensure that the devices automatically link to a virtual private
network (VPN) as soon as they receive an internet connection. With
respect to mobile devices, deploying a mobile device management
(MDM) application is critical to ensure that the device can be
accessed only using a passcode or biometric; the device and the
data in the MDM is encrypted; and the device can be located and
decredentialed if lost or stolen.

Readers Also Like:  Why CISOs should be concerned about space-based attacks - Channel Asia Singapore

Another primary risk of employees working remotely is the points
of access they have to company information.

Strong and unique passwords coupled with multi-factor
authentication (MFA) for access to all computers, networks and
clouds is a necessity. Additionally, limiting the access to those
systems only to company-owned devices is another critical
safeguard.

Q: What are the most important aspects a company should focus
on in regards to maintaining its cybersecurity?

A: Truly effective cybersecurity requires a
comprehensive approach — there are no magic bullets. The
first and most important step is to conduct a full risk assessment
to identify vulnerabilities and areas of non-compliance, and then
create a strategy to mitigate or eliminate them through solutions
that fit the budget, culture, and IT and physical infrastructures
of the business. Through this comprehensive risk assessment
process, an organization can design a cybersecurity program that
both best mitigates risk and fits its needs.

While each organization’s technological safeguards can
differ, the following is a list of the 15 controls that every
business should implement to mitigate risk:

1. MFA and unique complex passwords to access
all computers, networks and clouds.

2. Advanced threat detection and prevention on
all networks and computers.

3. An automatic VPN.

4. MDM for all mobile devices with access to
company email or other data.

5. A sandbox for launching links and
attachments in incoming email, and scanning of outgoing email for
certain types of information.

6. Users not permitted to have administrator
privileges.

7. Data encrypted at rest on all laptops and
mobile devices, and certain sensitive data encrypted on servers and
in clouds.

Readers Also Like:  Intel Patent Confirms L4 'Adamantine' Cache for Meteor Lake - ExtremeTech

8. Properly configured network firewalls, and
local firewalls deployed on all laptops.

9. Automatic mandatory pushing of patches and
updates.

10. Appropriate employee access limitations
managed through IT and human resources processes.

11. Real-time monitoring of and response to
security alerts through a security operations center (SOC) and/or
security information event management (SIEM) application.

12. Offline backups and cloud-based failover
redundancy.

13. Access and activity logging configured
robustly.

14. Vendor management through appropriate due
diligence and contracts.

15. Cyber liability insurance in an appropriate
amount and with full coverage.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

POPULAR ARTICLES ON: Technology from United States

Ankura CTIX FLASH Update – March 31, 2023

Ankura Consulting Group LLC

3CX, an enterprise communications software solutions manufacturer, has confirmed that various versions of its desktop application for Windows and macOS are affected by an active…



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.