The Three Most Important Things Businesses Need to Secure Right Now

Employees across the country are adjusting to working from home, rotating in-office schedules as businesses reopen their physical office spaces and adapting to new safety protocols. At the same time, companies are adjusting to this new reality and making changes to adapt to the different landscape brought on by COVID and its ripple effects.

Aside from the financial impact, corporations should be exploring and implementing flexible protocols to prepare for potential cyber threats to physical threats like fire and theft. Additionally, the numerous changes many companies are experiencing due to COVID will likely impact their workforce for years to come and they need to get ahead of the curve to make sure they have skilled talent in the pipeline. Below are the three areas where companies should place a particular focus, and some advice that may help guide them through these difficult times and keep their business and workforce secure.

 

 

Cybersecurity vulnerabilities

With an increased number of employees working from home comes an increased risk of a lapse in security. First, employees are using their home wifi networks - which can mean weaker passwords and more people sharing a network. Sensitive company information is vulnerable if shared over an easily hacked network or one with multiple points of entry. To combat this, employers may want to require the use of a VPN for any sensitive data and/or provide secure wifi hotspots to its employees. Secondly, phishing scams don't go away just because an employee is working from home - but it might be easier to fall victim. Educating employees on ways to differentiate real emails from phishing scams is critical to protecting IT infrastructure.

Physical threats, like theft and fire

While the workplaces of today might look a little different for employees (read: located at home, or in the office by themselves or with a skeleton crew), organizations still have physical buildings and employees to protect. With unoccupied buildings and no one around to check on the space each week comes a potential increased risk in theft and property damage, and since many buildings are unoccupied, fires may break out with no one around to call for help. For those that are slowly reopening, it's important to make sure that employees feel safe in the office, especially if they are alone or in small groups. Both of these scenarios underscore the importance of having a professionally monitored security system with video cameras, fire detectors and 24/7 monitoring. Not only does a robust security system deter possible malicious attacks like vandalism and theft, but it can stop an act in-progress, identify a fire, alert authorities, ensure proper emergency response, and so much more.

Threat of talent loss

As ADT leadership discusses in an article for Security Today [1], uncertain times can lead to a rise in stress for employees. But believe it or not, if companies can make a small investment in employees now, it will have massive impacts down the line. At ADT Commercial, a leading provider of security, life safety and fire solutions to businesses in the U.S., we are investing in expanding employee skill sets across disciplines – establishing widespread employee buy-in and increasing accountability and credentialing to give employees a clearer path to success. By helping employees expand their knowledge base, organizations see a true advantage for both their people and their customers. It’s vital to keep employees engaged and looking forward, even when it feels as though so much is at a standstill, otherwise your business is at risk of losing talent and coming out on the other side at a disadvantage.

Overall, when business leaders think of enterprise security, it's so much more than just a few alarm sensors: everything from 24/7 monitoring to fire prevention to phishing threats to employee dissatisfaction can leave enterprises vulnerable. Working with trusted experts to secure your enterprise can be the differentiating factor as to whether an organization comes out of this vulnerable or steeled against any future hardships that may arise.

If you’d like to learn more about how to secure your business, check out our website[2].

 

Sources:

[1] https://securitytoday.com/articles/2020/04/29/making-the-best-of-a-challenging-situation-adt.aspx

[2] http://www.adt.com/business

Mapping security to regulatory requirements

Next, make sure the elements of your security program support compliance with relevant rules and regulations governing customer data privacy and protection. Deconstruct the elements of each regulation governing your company's activities and map the elements of your security program against each regulations' requirements. For example, if subject to the GDPR, how can your company comply with an individual's data protection rights?

If this exercise uncovers gaps in your ability to protect data, assign the responsibility of addressing the deficiency to someone in the organization who possesses the authority and proper resources to handle the matter. Just as importantly, establish an expected completion date and make sure a third party, such as the internal audit department, follows up with the responsible party to ensure the remediation effort takes place.

The goal here is to ensure your security program includes basic—as well as advanced—security protections, such as firewalls, encryption and malware detection capabilities, to protect data wherever it resides within the IT environment, while also achieving compliance with industry, state, federal and international data protection laws and regulations. To improve your understanding of data privacy laws and regulations in the United States and overseas, visit DLA Piper, a multinational law firm.2

 

Put it in writing

If you've not done so already, create a data protection policy that documents the people, processes and technology your business depends upon to protect customer data, and remain in compliance with relevant rules and regulations.

Make sure someone within your organization reviews and updates the data protection policy on at least a bi-annual basis. To set the tone regarding how your organization handles customer data and ensure that employees and executives know their role in the process, share a copy of the policy with employees and executives regularly. To help you develop a data protection policy, here's an example from Daimler, a German multinational car manufacturer.3

 

Commit to continuous improvement

If you've not done so already, create a data protection policy that documents the people, processes and technology your business depends upon to protect customer data, and remain in compliance with relevant rules and regulations.

With businesses of all sizes embracing digitization, the degree to which companies rely on technology grows daily. So too does the potential for a cybercriminal to uncover weaknesses in a company's digital backbone to exploit. Therefore, combating customer data theft requires an unwavering commitment to security, which includes a willingness to dedicate attention and resources to evolving your security program to combat the latest threats.

1. EUGDPR. "GDPR Portal: Site Overview". Accessed June 26, 2018. https://www.eugdpr.org
2. DLA Piper. "Data Protection Laws of World". Accessed June 26, 2018. https://www.dlapiperdataprotection.com/index.html?t=about&c=AO
3. Daimler. "Data Protection Policy". Accessed June 26, 2018. https://www.daimler.com/documents/company/other/daimler-dataprotectionpolicy-en.pdf

CHAT WITH US
chatface 1
chatface 1