By Henk Olivier, MD of Ozone Information Technology Distribution
Security has become one of the biggest conversations of 2020. For the organisation, the sudden move to remote working has opened up new vulnerabilities and risks.
For the education sector, hacks and phishing have battered freshly built digital walls and impacted students and systems alike.
For the individual, the growing security threat has permeated everything from their entertainment – Netflix – to their daily jobs – Zoom.
Hacks, ransomware, phishing – security attacks have become increasingly intelligent and have preyed on the fears of people to gain access to organisations and systems.
It’s not a pretty picture. The Experian hack has put the private information of thousands of individuals at risk and left financial institutions scrambling to minimise the damage.
Twitter was hacked and put the accounts of high-profile people and organisations at risk.
Netflix was used as the lure to entice people to enter their personal details on a spoof page that then phished their data and used it to access other accounts and information.
Zoom was hacked and the information leaked was used to try and access email accounts and penetrate business systems.
Phishing scams got into people’s email accounts and conned hundreds of users into sharing details that would impact on them and their organisations.
The landscape is currently littered with the bones of broken security systems, poor security training, and limited organisational reach.
These hacks have entered into the spaces that companies and individuals did not recognise as risky.
They’ve used vulnerabilities to climb inside systems and hold data to ransom. It’s as if the more companies scramble to patch the holes and weld shut the windows, the more cybercriminals squeeze in through the cracks and crevices.
Fortunately, cybercrime is not an unstoppable force. It is not a hurdle that cannot be jumped. The first, and perhaps most important, step that every organisation should take in every sector is to provide people with training.
This is particularly relevant in education where gaps in security can lie with students and teachers that don’t know how to recognise a scam or spoof website.
Training can fill in many of the holes that people carve into advanced security systems as it gives individuals the tools they need to provide the first line of defence.
The second is to invest in solutions that are relevant for the organisation and the industry.
These do not have to be high-end as-a-Service security systems or complicated platforms or expensive Security Operations Centres (SOCs).
There are software systems like Kerio Connect and GFI Languard that are perfectly suited to education institutions and small to medium enterprises, and provide a solid line of defence against crime and risk.
Kerio Control is the muscle – the platform is designed to block the threats that can potentially bring down the network and can be deployed flexibly across multiple environments.
GFI Languard is the security guy – the one that patrols the system for threats and vulnerabilities and has the ability to stop them before they cause chaos.
It also ensures that system patches are up to date using automated and customised tools that are tailored to industry and organisation.
These can be further bolstered by solutions such as those developed by Nuix – digital forensics tools that can be used to safeguard data within the organisation, identify high-risk data, and undertake digital forensic investigations designed to unpack who had access to the data.
MOVEit provides secure collaboration and automated file transfers of sensitive data and advanced workflow automation capabilities without the need for scripting. Encryption and activity tracking enable compliance with regulations such as PCI, HIPAA, POPI, and GDPR.
These tools can be combined to create a wall of security that can offer an organisation significant peace of mind in the current environment.
They can look inside systems to find potential flaws and vulnerabilities, or they can stand guard to protect against unplanned risks and threats.
Most importantly, they offer education institutions and SMEs a level of control that can help them better face the threats that lie ahead.
This article was published in partnership with Ozone IT.