Dimension Data New Zealand's CEO Jo Healey provided some simple tips for New Zealand businesses and the need to remain cybersecure, after speaking at this week's launch of the annual Connect Smart Week.
Connect Smart Week was launched to raise awareness and encourage people and organisations to consider not only traditional cyberthreats, but also what Healey calls "the weakest links in the chain" - or the everyday users.
Those users have now become the 'new perimeter' of organisational defence, especially those who use their own devices or others that are not managed by their organisation. Attackers are increasingly going after users, and it's those users who can give attackers what they want.
“While it is easy for an organisation to secure its systems in the workplace, today’s workers are not static. The growing prevalence of mobile workers globally, and in New Zealand, means the perimeter of an organisation’s network could, literally, be anywhere," she says.
Healey says that the fine balance between mobile workforces with security is what shaped the four tips that will help protect users and organisations - after all, the worst thing you can do is ignore the risks.
1. Understand end user needs
Dimension Data says that if organisations take the view that the end user is the new perimeter, then they are the 'logical' starting point. Discovering what those users require and what applications they use can form the basis of end-user computing strategies.
2. Understand critical risk points
This can be done by analysing all devices in an organisation and ranking them according to perceived risk level.
3. Form transparent and firm security policies
These policies should balance risk points and end user needs. It should be clear and understandable. For example, you can govern the access to applications by device, software, or even geographical region — restricting access when exposed to high-risk networks.
4. Communicate and educate end users
Dimension Data says that end users will only adopt new policies if they understand what the policies are and why they exist. This will require ongoing communication and refinement so users are always vigilant and up to date.