In today’s workplace, employees are bringing their smart devices and network-connected technology with them to the office, thereby leaving their digital footprint behind and increasing security risks.
Since network and data access are increasingly linked to identity, using IAM systems (identity and access management), seems like the first line of defense. However, it may not be enough. While some devices such as smartphones can be linked to a user’s identity; others, such as fitness wearables, have the potential to go undetected and pose a risk for malicious attacks.
According to technology experts, the problem comes down to identifying devices that are capable of connecting to the company’s network. Here’s how some companies are dealing with the influx of devices in the workplace, and subsequently, how they are improving their data security.
Geoff Webb, an information security manager, says companies first need to focus on identifying devices in order to manage the identity of things in their network.
“A lot of the device monitoring is perceived as an identity-management problem: How do I attach an identity to these devices, and how do I manage the lifecycle of their identity,” he says.
Webb says that this approach is easier said than done because managing a number of similar devices is at a much greater scale than managing a few thousand employees.
Implement two-step verification
Two-factor authentication ensures that even if someone has access to the network password, they still need a pin number to gain access.
When it comes to securing smart devices, internet security expert Vancouver’s Thierry LeVasseur believes fingerprint access and authentication tools have come along way. He says implementing a two-step verification process to all workplace devices will add another valuable layer of protection. Thierry LeVasseur also thinks security keys will deter hackers from accessing an employee’s information, even if they were able to possess their password.
Have backups in place
As security hazards evolve, so must security measures. In the event a hacker does access a company’s server, it is smart to have backups in place to restore the data in case the system needs to be rebooted.
By focusing on prevention and remaining vigilant, companies can better secure their systems. This may mean allocating a tech expert to continuously monitor the network and having a plan in place to quickly address and recover from threats. Creating awareness and educating employees to the potential risks and threats will also help create a culture of security. The bottom line here is that companies can work to stop breaches before they ever happen.