2014 lived up to its reputation as being “the Year of the Hack” with a who’s who of organizations reporting cyberattacks including JP Morgan Chase, Home Depot and the U.S. Postal Service. But if 2014 was the Year of the Hack, then 2015 should be the Year of Security. A recent article in CIO.com lists five cyber security trends that IT leaders need to track in 2015. While most of these have been on IT professionals’ radars, expect an increase in the level of complexity and sophistication moving forward. Following is a rundown of the five security trends and solutions for addressing them.
Cybercrime and “hacktivism”
Criminals, activists and terrorists are increasingly turning to the internet to make money, get noticed, or maliciously impact company operations. According to Steve Durbin, managing director of the Internet Security Forum, cyber criminals are displaying a higher degree of collaboration and technical proficiency that caught many large organizations by surprise.
In 2015, organizations must be prepared for the unexpected – or unthinkable. Working with an experienced cloud service provider, they can create and regularly test disaster recovery plans that ensure data is secure, available and accessible at all times.
Privacy and regulation
Meaningful Use continues to drive greater adoption of electronic protected health information (ePHI) while making it more accessible to medical professionals. However, regulations that impose conditions on the collection, storage and use of ePHI are just now being put into place. 2014 saw the Office of Civil Rights impose severe fines on organizations that failed to safeguard and encrypt ePHI with a promise of more to come.
Organizations should align themselves with compliant cloud hosting providers that can safeguard their ePHI in accordance with regulations such as HIPAA and PCI DSS, but also assist them in achieving and maintaining a secure, compliant posture.
Threats from third-party providers
Organizations often entrust valuable and sensitive data with trusted suppliers. However, when that data is shared, there is a greater chance of it being compromised. The cyberattack on Target is just one example of this. The hackers who infiltrated Target exploited a web services application that the company’s HVAC vendor used to submit invoices.
Executives at all organizations should collaborate with their information security specialists to map out “what if” scenarios in the event business-critical data is accidentally or intentionally shared by third-parties. Companies who have their data stored in the cloud should review the cloud provider’s security and disaster recovery plans as well as their SLAs to ensure they have proactive measures in place that increase their resilience against potential security breaches and hacks.
BYOx in the Workplace
The BYO (device, application, etc.) trend is here to stay. And whether or not organizations have a BYOD policy in place, employees will use their own devices for both work and personal use. However, this often leads to the risk of devices being lost or stolen, spotty implementation of security upgrades and patches, and unreliable business applications being downloaded.
Organizations who have a BYOD policy, or are planning to implement one, should also consider the benefits of cloud desktops. With a cloud desktop solution, end-user desktops are safely operated from an off-site data center and accessed via a low-cost client device or traditional PC or laptop. Business-critical data and applications remain secure, and employees have access to it via whatever device they choose.
An organization’s employees can be their greatest asset when implementing proactive security measures. For years, companies have spent millions of dollars on “security awareness” training for their teams. Moving forward, they need to promote policies that encourage employees to take simple actions to help maintain a secure environment such as creating strong passwords, securing their mobile devices and using dual authentication devices such as RSA keys.
Is cloud and cyber security are on your list of 2015 priorities? HOSTING’s secure, compliant cloud solutions help organizations proactively address potential vulnerabilities while safeguarding their business-critical assets. Contact us anytime to discuss your specific needs.