Providing internet access and connecting users over Wi-Fi is common practice in organisations of all sizes today.
Larger organisations scale out with more infrastructure layers, but the common element is that detecting an intruder is equally hard for a business of any size.
Few organisations can monitor these services for external threats – and internal threats are just as concerning.
Some of the largest breaches overseas remained undetected for up to 230 days, and the largest data exfiltration examples from Australia were caused by internal human error. Most examples in local organisations originated with their own users.
The challenge is that users are the greatest threat to an organisation, and in today’s hybrid work environment, they work from anywhere – the office, their home or even the local coffee shop.
The threat landscape is diverse: data can be taken across the network, the organisation’s cloud, SaaS services or even internal data stores. It’s critical to have effective controls and protection across all users equally. This means you need to automate your protection, detection, controls and response.
An effective security approach needs to secure data, users and business processes so you can limit your attack surface (the number of all possible points, or attack vectors, where an unauthorised user can access a system and extract data).
What can you do?
- Use software that enforces automatic policy updates on all endpoints
- Check your infrastructure is patched to its latest viable version
- Check your business policies are reflected in your IT controls
- Confirm you have tested critical systems, data sources and backups to ensure business continuity is possible
If you have a large building or a series of buildings, you should also consider any connected building systems, also known as Operational Technology. This could include air conditioning, building management systems, water treatment, water management or access systems. If these are not traditional closed systems, they could be accessed via a local network, leaving them exposed.
The objective is to reduce the possibility of you being exploited.
Your business needs to validate that its prerogatives are reflected in your IT controls, and that all systems are current, patched and configured accordingly.
Bad actors will try to access any business. The best way to reduce the possibility of being a victim is to prepare by updating your protections and closing off any open doors. It’s just good business practice.