Much is being made of the impending General Data Protection Regulation (GDPR), with Gartner reporting that over 50 per cent of companies affected by the new legislation will not be in full compliance with its requirements by the enforcement date of May 25th, 2018
Yet while GDPR threatens significant financial penalties for those in breach of the regulation, the recent WannaCry and Petya global cyber-attacks demonstrate a much more serious security threat to organisations, and why managing network, system and data security is an essential measure regardless of GDPR.
The increasingly advanced nature of these attacks highlights the growing intelligence and reach of today’s cyber-criminals. With data playing an increasingly crucial role in business, it is the professional landscape which will find itself the main target of such crime – so what can IT managers do to protect their organisation against this threat?
1. Make security the number one priority within your IT strategy
Gartner predicts that worldwide spending on information security spend will reach $90 billion this year – a rise of 7.6 per cent on 2016, and a clear indication that organisations are trying to get a grip on the vast amounts of data they now handle. As working habits evolve and new technologies come to the fore, so to do cyber-criminals have an ever-growing goldmine of Personally Identifiable Information (PII) to target. Security should therefore be the number one priority for IT managers, and the first area they assess when planning their budget.
2. Educate staff
Public awareness of cyber criminality is peaking, but companies must educate their staff on the risks from a business perspective. Employees are the weakest link in IT security chains, and the increased preference for mobile and remote working only amplifies their vulnerability.
They are more susceptible to ignoring IT protocol when accessing sensitive files away from the office, while the likelihood of losing a device when on the move is also increased. As new threats and tactics continue to emerge – often quicker than the measures which are rolled out to protect against them – employees must remain vigilant. Consulting with staff through workshops and internal communications can help to reinforce this mindset.
3. Take data out of the hands of employees
While educating staff is essential, there will always be those who continue to disregard protocols and place sensitive data at risk. Business-built hardware offers a robust first-line of defence, but with the threat now operating at another level, so to must organisations evolve their IT infrastructure to remain protected. Technologies such as Toshiba Mobile Zero Client store data away from the device, making it only accessible through an existing cloud-based virtual desktop infrastructure solution. This removes the threat of malware being stored on devices, as well as nullifying concerns about data being compromised should a device be lost or stolen – ensuring full peace of mind for organisations striving to implement an efficient, yet robustly secure, mobile IT strategy.
Intel, the Intel Logo, Intel Inside, Intel Core, and Core Inside are trademarks of Intel Corporation in the U.S. and/or other countries.