Blog

The blacklist of company security

Posted by SilverStorm on Oct 9, 2020 8:30:00 AM

09.10

Are you really prepared to face the security challenges of the “new normality”? IT risks, company assets, data, and user access are the keys to ensuring that there are no security gaps and that the wrong people cannot access sensitive information. Now more than ever it is time to take charge of this pillar that is essential to the businesses of today, those that have changed the manual for the automatic, the paper for the screen.

The Open Web Application Security Project Foundation (OWASP) establishes identity theft (Broken Authentication) and Insufficient Logging & Monitoring among its top 10 security risks. Both risks are closely related since exposure to hackers and malicious software has grown exponentially, not only in private users but also in companies, up to 37% according to some sources. For example, Broken Authentication is due to the lack of implementation of Multi-Factor Authentication (MFA), an even more important protocol if you are outside the corporate network. And the problem of Insufficient Logging & Monitoring is generated by the lack of data and analysis of possible intrusions or attacks, increased by working from home. Did you know that companies take an average of 191 days to identify a security breach? This is not the only consequence. European financial penalties range from 10 million euros (or 2% of the annual turnover) to 20 million euros (or 4% of the annual turnover).

09.10 Security ENG 1

And the impact is measured not only in sanctions but also in an unquantifiable loss of data and reputation if the encryption of the devices or the manual transfer of information is not taken into account. During this pandemic, and perhaps for a time in the “new normal”, the devices with which employees do their work are not always corporate and do not have the same firewalls as those that do belong to the business. Technological solutions have come to bridge that gap through the automation of certain processes such as monitoring the latest VPN certifications and collaborative tools, scanning to ensure that you have the latest antivirus updates, and running security checks to connect to the internal network.

09.10 Security ENG 2

However, a company’s security not only depends on its electronic devices but also on the users of those devices, that is, your employees. Many businesses have difficulty organising application and documentation permissions or facilitating their administration through approvals, ordered requisition lists, dashboards, and custom reports. It is increasingly important to protect data and ensure that employees have the proper accesses to do their work, but only those that are necessary. Prevent the cloning of roles and avoid generating security problems with applications that can provide traceability to companies (who has access to what) and promote efficient management.

SilverStorm works precisely so that companies can be more productive, efficient, and secure thanks to its more than 17 years of experience helping to develop the Digital Transformation. Through Nexthink monitoring technology and its app Accesso for ServiceNow, close every security gap and protect all your activity and that of your employees. Why hesitate in finding out more?

Topics: security, company, blacklist

Subscribe to Blog

Recent Posts

Posts by Topic

See all