Bold Business Logo
Contact Us

Day: May 14, 2020

Keeping Virtual Work Environments Secure in a Locked Down World

Posted on by Edward Kopko

Thanks to COVID-19, virtual work environments are here to stay. But while employees may be safe and sound working from home, the work data and proprietary information on the computers they use at home may not be so safe! Why not? Because work-from-home environments often lack the same cybersecurity safeguards found in an office setting… which translates into exploitable weaknesses and vulnerabilities. To make matters worse, many businesses are unaware of these new sets of risk – and employees are likely unaware, too.

On May 12, Bold Business hosted Keeping Virtual Work Environments Secure: Really Smart Cybersecurity Tips for Businesses, a webinar that featured the expert insight of Master Security Consultant Steven Wiegelt.

Steven Wiegelt looking sharp in his profile pic

Wiegelt covered five different areas where businesses face risks:

  • Tools and Software
  • Network
  • Security Awareness Training
  • Policy and Procedures
  • Intellectual Property Protection

But first, Wiegelt illustrated some of the more obvious dangers that come with working outside of the office.

The Perils of Working from Home

Smart businesses met the challenges of lockdown by sending their employees home with laptops and (hopefully) seamlessly maintaining continuity with plenty of video conferences. But according to Wiegelt, there are still plenty of perils businesses and employees alike face. They include:

  • A blended personal and work life – when the line between home and office gets blurred, productivity and security awareness can suffer
  • Device sprawl – too many devices means too much confusion
  • Shared workspace – ever have to tell your kid not to mess around with your laptop?
  • A home WiFi that may not be secure or even strong enough to support business needs
  • Lack of IT support – who are you going to call when you have issues?

What can you do to combat these perils?

The Right Tools

Every business needs the right tools to function properly, and for a business in a work-from-home posture, that means software for managing workflow and sensitive information, storing sensitive data, management controls for monitoring access and activity.

Wiegelt’s advice:

  • Provide corporate-issued devices
  • Maintain secured file storage
  • Use authorized and licensed software
  • Set up a VPN (virtual private network)

Virtual work environments need the right tools

Keep Your Network Secure

For some, simply figuring out how to input a WiFi password and logging on to a network is a victory. But the bar for success must be kept much higher when business data and proprietary information is at stake: a network must be secure!

According to Wiegelt, the dangers of an unsecured include loss of productivity, data leakage, limited resource availability, and bandwidth issues. 

His advice: 

  • Get a security audit to learn your gaps
  • Make sure your VPN is properly configured
  • Make an inventory of your data and who has access to it
  • Engage in Data Loss Prevention

A successful virtual workforce needs a secure network

The Weakest Link

The numbers don’t lie. While a business can make sure all their technical ducks are lined up in a row, statistics show that 90% of data breaches are caused by human error!

 

People are generally the weakest link in cybersecurity

To manage this particular area of risk, Wiegelt advocated aggressive security awareness training. 

Security awareness training is essential in combating cyber-threats!

The training itself must be as real as possible (meaning, it simulates a real world attack). 

It should also be consistent. In other words, security awareness training that occurs once every leap year might not cut it.

Aggressive security awareness training can strengthen the weakest link

The Need for Policies and Procedures

Of course, a strong training program is all well and good, but the other side of the “people management” coin is an established set of policies and procedures.

Wiegelt pointed out three key policies a business needs to have in place for employees who work from home (although it would be great if these policies existed for those working in offices, too). They are:

  • A System and Communications Protection Policy
  • An Acceptable Use Policy
  • An Access Control Policy

Wiegelt noted that some businesses – like those that deal with sensitive healthcare information or financial data – have regulatory requirements involving putting policies in place.

Policies and procedures are necessary for any virtual workforce

 

Does your company have vulnerabilities with its virtual work environment? A Bold Business Vulnerability Assessment can tell you!

Protecting Intellectual Property

At the end of the day, protecting data is about protecting intellectual property. 

For that, Wiegelt laid out for key tips:

  • Use an Antivirus on your computer
  • Set up a Firewall to protect your network from incursion
  • Utilize Secure Storage for files
  • Employ Authentication protocols to Secure Terminals

 

Cybersecurity means protecting intellectual property

 

If you missed the webinar, you can watch it here.

 

A webinar summary slide with five key points
Keeping virtual work environments secure in five easy steps.

BOLD OPINION: Privacy Rights Are Important, But Tracking Viruses Is More Important

Posted on by Staff Writer

At present, 185 nations have been affected by the CVID-19 pandemic. Millions are infected, and countries are scrambling to devise a game plan in managing the disease. In the process, a global economic recession appears inevitable. And no one yet knows when or if a vaccine can be developed to allow populations to resume some sense of normalcy. In this uncertain environment, public health officials have defined three key measures that can guide us to safer ground: contact tracing, broad coronavirus testing, and quarantining.

Given the size of the world’s population, achieving these three measures on a significant scale has been challenging. But one area offers hope. The use of smartphones to facilitate contact tracing could be a tremendous game-changer. The mobility and speed with which a coronavirus app could trace contacts could give public health officials a serious advantage. But at what cost? By tapping into people’s smartphone for contact tracing, privacy rights and personal securities could be violated. The obvious question is therefore whether or not our need to save lives and restore public health is worth these risks.

“Automated contact tracing is a big idea, an ambitious idea. But it’s important to be ambitious right now.” – Dr. Louise Ivers, Executive Director of the Center for Global Health at Massachusetts General Hospital

How a Coronavirus App for Contact Tracing Works

Across the globe, a number of countries have already developed a coronavirus app that permits contact tracing. For example, Singapore launched a coronavirus app for voluntary download allowing positive viral test information to be shared with permission. Over 1.1 million people have downloaded the app, which is about 20 percent of the country. Norway, Australia, and India are other nations that have introduced similar contact tracing coronavirus apps. Of these, Norway has achieved the greatest support with 30 percent of its population downloading the app.

Someone using an app to track someone
The war on this global pandemic requires a coronavirus app that tracks those exposed.

In each of these cases, different technologies are used to facilitate contact tracing. Some use Bluetooth technologies, which permit low level energy to monitor location. Likewise, Bluetooth offers more accurate data in terms of proximity. Other coronavirus apps rely on GPS tracking software or even Wi-Fi systems for contact tracing. Not only are these less accurate in terms of location. They also tend to use more battery power than Bluetooth systems. Regardless, in each instance, smartphone locations are monitored in relation to other smartphones. Then, if one user is identified as test positive, a history of contacts can be provided through the app. This would then allow quarantining measures to be used to limit the spread of the viral infection.

“They just pilot [the app] out, see how it works and, as the debate is taking place, they scale the project — and once it’s scaled, then it becomes a lot harder to roll back.” – Sidharth Deb, Policy and Parliamentary Counsel for the Internet Freedom Foundation

Privacy and Security Concerns with Coronavirus Apps

Any type of app that tracks data, including location data, has the potential to infringe upon people’s privacies. But in terms of a coronavirus app specifically, several areas of concern exist. Depending on how the contact tracing is performed, there may be concerns about data security. Hackers may access data without permission, or governments may use such data for unwarranted surveillance. Likewise, because a coronavirus app would deal with positive test information, health privacy is a concern as well. These types of issues are a major reason many people refuse to voluntarily download a coronavirus app in the first place.

Understanding this, some developers are trying to better ensure privacy and security through creative design. For example, the current collaborative project between Apple and Google use anonymous identifiers that frequently rotate codes. Data is also stored on the user’s device rather than on a central server. And data is also deleted after a set period of time. These as well as the Bluetooth platform used reduces the chance data will be stolen or manipulated. But the Apple and Google project is the only one to date favored by privacy rights groups. The vast majority of all other coronavirus apps for contact tracing tend to be much less secure.

“There are times that not using the information that we have is morally hard to defend, and I think this is one of them.” – Michelle Mello, Health Law Professor at Stanford University

An Argument for the Greater Good

The right to privacy is an important right that is respected among many nations throughout the world. It is part of our own Bill of Rights, and any consideration that violates our right to privacy needs to be taken seriously. But at the same time, protecting public health, both nationally and globally, is important. Our right to privacy is not supreme over all other rights, especially when human lives are at stake. Thus, whenever we are faced with situations like those of today, we must keep things in logical perspective.

After the attacks of 9/11, Americans traded some privacy rights in an effort to feel more secure and safe. In essence, we are again facing a similar situation. From one point of view, a coronavirus app that permits contact tracing has the potential to save lives. At the same time, it also could allow nations to get back on their feet economically much faster. Both are important in honoring human life and wellbeing. From a moral viewpoint, saving our right to privacy at the expense of a worsening pandemic seems simply unjust.

“When you hear people saying there will never be take-up of the app, they are talking like we are not in the world we are currently in.” – Christopher Fraser, Infectious Disease Epidemiologist at Oxford University

The Pieces of the Puzzle Needed

While several countries have made great strides in having their citizens download a coronavirus app, it isn’t enough. Researchers suggest that 60 percent of a population needs to participate in contact tracing for it to be effective. Likewise, this must be combined with broad testing measures and enforced quarantining. Understanding this, no nation is close to having the right system in place to stop the pandemic in its tracks. However, this doesn’t mean we should push ahead. And our right for privacy shouldn’t stand in the way either. While there’s no denying privacy rights are important, in our current time, global public health takes precedent.

How can we help?

How can we help?

Bold Business Insights
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.