Ask These 10 Questions to Strengthen Your Cyber Security Measures
2020 is a year that few will forget. Extraordinary circumstances have seen our workforce’s move from the office to the home almost overnight, while cyber-threats remain ever-changing, dynamic and increasingly sophisticated.
This of course, is not surprising. The importance of cyber security has been growing exponentially for a number of years. The Notifiable Data Breaches (NDB) scheme that was first developed in February 2018 in an attempt to improve the overall security standards across Australia is evidence of this. Since its inception we’ve seen continual increases in both the number of notifications received (data breaches) as well as the percentage of those that are malicious in nature.[1]
In any organisation, your frontline of defence is the endpoint – employee personal computers (PCs), tablets and smartphones. As we continue to traverse through this global health crisis, and staff continue to operate from their homes on devices that may be beyond the protection of the corporate firewall, that frontline will continue to bare the brunt of the risks presented by the threat landscape.
Now more than ever, cyber security skills are at an absolute premium. To combat this, organisations look to the experts for guidance and assistance in identifying the right security solutions for today’s requirements.
In partnership with HP and Intel®, the team at Counterparts have put together a list of questions that can help you correctly explore your requirements when speaking with a potential cyber security partner.
1. Can you provide hardware that possesses the ability to protect itself from modern, sophisticated malicious threats and recover from them?
When discussing this with cyber security integrators, explore the hardware enforced protection capabilities that they can provide – what files on your computer can be recovered and restored? And for downtime considerations, how long will it take?
2. Can you monitor malicious activity in real time? Zero-day threats are the most challenging and potentially damaging threats out there for organisations. They’re unknown entities that can pounce at any time. Having access to insights, reports and analytics that showcase your device fleet’s current performance and status is a strong means of correctly identifying and responding to these threats.
3. In the event of an attempted attack, what details will you provide regarding it? When an attempted attack occurs, it’s important to have detailed information and analysis of the context, as it can help you better understand the types of attack’s targeting you.
4. Do you have the ability to monitor my staff’s devices from a remote location? With team’s working from home, it’s incredibly important that the integrator’s ability to monitor malicious activity and device health in real-time extends to remote monitoring.
5. Do you have the ability to prevent zero-day threats?Zero-day threats are often new and exhibit a never before seen makeup. There are tools available that leverage machine learning and artificial intelligence (AI) solutions to recognise instinctive malware similarities and guard against these attacks in real-time. HP Sure Sense is one such tool.
6. Do you offer any kind of additional privacy options?Your data is your most valuable currency and no measure is considered over the top when trying to protect it. Ask about features like privacy screens on laptops, the ability to remote lock a lost device, and the potential for data erase if a device is stolen.
7. Do you have the ability to isolate a virus and prevent it from spreading? With staff working from home, the relaxed atmosphere could potentially reduce their eagerness to identify online threats. There is technology available that can identify a virus that enters through URLs, attachments or files, and contain it to a single location, preventing it from spreading through an intranet or network.
8. Are your experts available for support if needed, and can you help us better strengthen and enforce our own policies?Security partners possess some of the most qualified cyber security experts available, it’s important to understand what level of access you have to these resources given current circumstances, and their ability to work in partnership and support your own IT team, if you have one.
9. How do you manage your device fleet refreshes?Learn about the exact terms and conditions should you need to undergo a device fleet refresh. Things like how frequently you can update devices? Can they handle the imaging and deployment? And what are the security measures that are installed on said devices?
10. When a device reaches end-of-life, how do you dispose of it?When a device reaches its end-of-life, for data protection purposes it’s very important to dispose of it using best practice, to avoid any data ending up in the wrong hands. For the modern organisation, cyber breaches are not a matter of ‘if’ but ‘when’. Do you now have staff working remotely and need help with your IT security? Counterparts Technology is a trusted technology advisor and implementer with great pedigree in solving complex technical problems to improve overall business outcomes. By working with technology and providing comprehensive security services to organisations across Australia, we offer powerful, trustworthy solutions that not only address the abovementioned questions, but excel to fit your unique business requirements. Want to discuss your current endpoint security status? To find out more get in touch with the Counterparts Technology Cyber team.
2. Can you monitor malicious activity in real time? Zero-day threats are the most challenging and potentially damaging threats out there for organisations. They’re unknown entities that can pounce at any time. Having access to insights, reports and analytics that showcase your device fleet’s current performance and status is a strong means of correctly identifying and responding to these threats.
3. In the event of an attempted attack, what details will you provide regarding it? When an attempted attack occurs, it’s important to have detailed information and analysis of the context, as it can help you better understand the types of attack’s targeting you.
4. Do you have the ability to monitor my staff’s devices from a remote location? With team’s working from home, it’s incredibly important that the integrator’s ability to monitor malicious activity and device health in real-time extends to remote monitoring.
5. Do you have the ability to prevent zero-day threats?Zero-day threats are often new and exhibit a never before seen makeup. There are tools available that leverage machine learning and artificial intelligence (AI) solutions to recognise instinctive malware similarities and guard against these attacks in real-time. HP Sure Sense is one such tool.
6. Do you offer any kind of additional privacy options?Your data is your most valuable currency and no measure is considered over the top when trying to protect it. Ask about features like privacy screens on laptops, the ability to remote lock a lost device, and the potential for data erase if a device is stolen.
7. Do you have the ability to isolate a virus and prevent it from spreading? With staff working from home, the relaxed atmosphere could potentially reduce their eagerness to identify online threats. There is technology available that can identify a virus that enters through URLs, attachments or files, and contain it to a single location, preventing it from spreading through an intranet or network.
8. Are your experts available for support if needed, and can you help us better strengthen and enforce our own policies?Security partners possess some of the most qualified cyber security experts available, it’s important to understand what level of access you have to these resources given current circumstances, and their ability to work in partnership and support your own IT team, if you have one.
9. How do you manage your device fleet refreshes?Learn about the exact terms and conditions should you need to undergo a device fleet refresh. Things like how frequently you can update devices? Can they handle the imaging and deployment? And what are the security measures that are installed on said devices?
10. When a device reaches end-of-life, how do you dispose of it?When a device reaches its end-of-life, for data protection purposes it’s very important to dispose of it using best practice, to avoid any data ending up in the wrong hands. For the modern organisation, cyber breaches are not a matter of ‘if’ but ‘when’. Do you now have staff working remotely and need help with your IT security? Counterparts Technology is a trusted technology advisor and implementer with great pedigree in solving complex technical problems to improve overall business outcomes. By working with technology and providing comprehensive security services to organisations across Australia, we offer powerful, trustworthy solutions that not only address the abovementioned questions, but excel to fit your unique business requirements. Want to discuss your current endpoint security status? To find out more get in touch with the Counterparts Technology Cyber team.
Intel, the Intel logo, Intel Core, Intel vPro, Core Inside and vPro Inside are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.
[1] Notifiable Data Breaches Report, July-December 2019, Australian Government – Office of the Australian Information Commissioner, https://www.oaic.gov.au/privacy/notifiable-data-breaches/notifiable-data-breaches-statistics/notifiable-data-breaches-report-july-december-2019/