The IT Support Learning Hub
The most educational business technology blog for Southern California executives, featuring insider tips, articles, and videos on how to get the best IT results.
Now that you're working from home, there are a few security best practices to follow to help make sure you and your company are protected from cyber security threats. For example, have you thought about the security of your home network with all of your "things" connected to it? Don't forget that working securely has as much to do with your actions as it does with your IT environment, so don't let your new work location let down your guard.
During these unprecedented times, many companies are now being challenged to deliver their products and/or services, perhaps using new (and as yet, untested) mechanisms to do so. While some businesses have been forced to close their doors, those who have the advantage of staying open and allowing staff to work from a remote location can't ignore the security implications that go along with having less control over their corporate business and technological environment.
On March 18, 2020, the World Health Organization reported 207,855 cases of COVID-19 worldwide and 8,648 deaths from this virus. The pandemic has spread to 166 countries and territories, which is almost everywhere in the world. The recommended solution for businesses, schools, religious institutions, public agencies, and non-profits is the same: start practicing social distancing as soon as possible, and that means that many businesses have had to send employees to work from home.
If there's anything the last 20 years has shown us, it's that data security is paramount in modern business. Every year, the war rages on between hacker voraciousness and IT admin ingenuity. Every year, IT professionals invent new ways to stop hackers, and hackers find new weaknesses to exploit. In 2020, every business should be preparing for this year's wave of network security risks and the breaches of those brands who fall in the battle.
More than a decade ago, the U.S. economy was hit by the biggest economic downturn since the Great Depression. In the early months of the recession, American businesses lost an average 800,000 jobs per month as the economic growth declined at more than 8% during the 4th quarter of 2009 and the 1st quarter of 2009.
Online threats are a serious concern for every business. New cyber security risks are constantly emerging, and the cost of failing to protect information is high. IT departments do their best to keep their systems secure, but the average IT group doesn't have enough time or the specialized skills needed to deal adequately with online risks. The services of a cyber security firm, often called a managed security services provider (MSSP), will provide greater protection.
Cyber security sounds like something that falls under the responsibility of the IT department. The IT department may handle many of the responsibilities that go along with protecting the company from cyber threats, but that doesn't make security the sole responsibility of the IT department. Ensuring that your business doesn't fall prey to a cyber attack is everyone's responsibility. With 43% of cyber attacks targeting small businesses, it's more important than ever that everyone on your team participate in your cyber security measures.
If you’ve been presented with a requirement to align your cyber security practices with the NIST Cyber Security Framework, you might at first think that compliance will just be the IT department’s responsibility. Nothing could be further from the truth. Cyber security is a responsibility that all employees need to share, but there are some specific obligations that lie within each department of your organization.
If you’re a manufacturer in a government supply chain, you’ve probably heard by now that it will no longer be enough to self-certify your cyber security stature. You’re going to have to prove that the data you store for the parts, products and services that you supply are protected from theft, alteration or kidnapping by following the NIST Cyber Security Framework.
If you manufacture one little part for a piece of military equipment for the US government, very soon - if not already - you’re going to be required to verify that you’re compliant with the NIST Cyber Security Framework. It might not be surprising to learn that the government is tightening up cyber security throughout their supply chain, but organizations that aren’t part of a government supply chain are also adopting the framework. The reasons may be a little different for each organization but the outcome is similar - they become better managers of cyber risk.