sb-au logo
Story image

Three ways to protect your business in the cloud

24 Apr 2020

Article by LogMeIn Japan & APAC VP, Lindsay Brown.

As governments around the world issued directives that individuals need to stay home and isolate amid the current COVID-19 pandemic, organisations scrambled to set up the infrastructures to protect the business and its employees. Now that organisations have made headway in their remote working practices, with some even considering its permanency, they are now presented with a new challenge – protecting the business in the cloud. 

The cloud is still unfamiliar territory for many. Most employees working from home find themselves using a multitude of devices, applications and networks, increasing the complexity of managing – and protecting – user access within businesses. While employees just want to work efficiently, IT needs to ensure the proper controls are in place to protect the company.

For IT leaders and businesses managers needing to effectively manage their remote workforce, here are the three ways to protect your business in the cloud:  

1.    Make access control a priority 

A modern BYO-anything workforce means more access points, hidden apps and hurdles to secure across the organisation. Even as cyberthreats rise, employees expect technology to be fast, convenient and easy to use. Businesses must prioritise an access solution that secures the organisation while helping employees stay productive wherever they are.
 
Knowing the apps used within your organisation and understanding user access behaviour is important to spot issues before they become a bigger problem. However, having complete control over user access can sometimes be difficult and hidden from view thanks to Shadow IT – those undocumented apps that employees bring into the business. If you can vet and track these on work devices, you can prevent potential fraudulent or malicious software being installed. 

Additionally, the assignment of specific permissions and privileges for employees based on their particular role protects sensitive information and ensures a need-to-know protocol is enforced. Using a single sign on (SSO) access solution such as LastPass will ensure employees are not maintaining multiple passwords, and securely connects them to the work applications in which they are assigned, without the need to type a password.

2.    Establish strong access policies

An effective strategy in maintaining security is to encourage good password hygiene practices within your business. This is particularly important with a remote workforce, when every employee logging in is outside of the traditional corporate perimeter. According to FireEye’s latest M-Trends report, median dwell time for non-ransomware breaches in APAC is 94 days. So, when staff are empowered with best practice knowledge, they too can take steps in mitigating potential risks. 

Some ways to do this include preventing password reuse through generating and storing of unique, random and strong passwords and automating password storage by capturing and storing passwords for new services, whether they’re managed by IT or not.  Additionally, using multifactor authentication wherever possible with services like LastPass MFA is critical to protecting the business, and if there is need to share a password, use an encrypted format to discourage insecure methods like text, email or written notes. 

3.    Get employees on and off systems fast

Organisations need to give employees convenient, secure access to the tools they need to do their jobs, with the appropriate level of permissions - so when they onboard or offboard with the organisation, there is complete visibility of their whole working journey. 

Using one centralised admin dashboard will provide a unified view of employee access across the organisation. Similarly, integrating with your existing user directory to automatically provision new employees, with the right privileges to the right resources will help jump start their productivity. Lastly, have a kill switch to immediately and completely turn off access privileges when an employee leaves.

Through these key methods, managing the security of your remote workforce should prove less daunting and help to ensure greater preparedness for the future of work. 

Story image
A third of millennials think they're 'too boring' to be victim of cyber attack
While many millennials are concerned at how their data is being used and whether they are being targeted by cyber-attackers, according to Kaspersky any potential action taken to tighten their online security is at ‘the bottom of their to-do list’.More
Link image
Nine developer enablement practices to achieve DevOps at enterprise scale
Senior software engineering leader with experience at multiple Fortune 500 companies shares how a metrics-driven mindset can dramatically improve software quality and enable DevOps at enterprise scale.More
Story image
Forescout and ServiceNow advance tech partnership to protect critical infrastructure
Forescout and ServiceNow have announced they are advancing their partnership for enhanced operational technology (OT) and industrial IoT capabilities, with an aim of helping organisations to protect critical infrastructure from cyber threats.More
Story image
Addressing the knowledge gap in the Australian security industry
Nowadays, access control can be combined with video and alarm systems, which can, in turn, link up with licence plate recognition, audio and facial solutions.More
Download image
Strengthen the weakest link in your security chain
Globalisation. Remote working. High-turnover workforces. These factors and more add up to make increasingly dynamic workforces - and without proper management, your business could fall behind.More
Story image
Fortinet reports total revenue of $615.5 million
Strong demand for secure SD-WAN and work-from-home capabilities helped power 18% second quarter revenue growth. More