With the rise of IoT, the efforts that your team has made to increase overall data security, may soon no longer be enough. The more devices you have in- and connecting to- your workplace, the more potential security vulnerabilities you have. You want to be sure that you’re closing off those vulnerabilities, decreasing the potential of open threats that have the potential to destroy your system. That means looking beyond securing your data and at the most obvious point of entry: the devices themselves. It’s incredibly important to focus on effectively securing all devices used throughout your company–including using the right strategies to provide the protection you need to ensure compliance and meet necessary security standards.
Encourage Cloud Data Storage
Storing data on a physical system means that if the system is lost or stolen, the data automatically becomes vulnerable–and this is particularly dangerous if the device is left logged in. While leaving devices without password protection may be more convenient for users at the moment, it will be extremely inconvenient–and even catastrophic–if the device is lost or stolen. By using cloud storage, on the other hand, you experience a number of key benefits.
- Cloud storage can provide an extra layer of protection between hackers and vital customer data.
- Cloud data is accessible from any device, not just the one on which it was initially created–which in turn means that a lost device doesn’t mean that the data is lost along with it.
- Cloud storage means that employees across your company can work from anywhere, at any time, and access the same information that they would be able to access in the office–no matter what device they’re currently using.
Cloud storage helps ease the vulnerabilities created by multiple devices, particularly when users take the right security steps to help protect their access to company data.
Decrease System Tampering
It’s easy to convince yourself that, as long as you have your device in your hands, it’s perfectly secure. Unfortunately, all too many people discover that their laptops aren’t as secure as they think. A laptop is stolen approximately every 53 seconds–and more than half of those devices are stolen from the workplace itself, which most people consider to be secure. Another 24% of stolen devices go missing from conferences: a location that even the most security savvy believe to be safer than average.
When devices are left sitting unattended, however, it isn’t just the threat of theft that can cause serious concerns. Even if the device is recovered, there may still be serious issues to deal with, as devices are still vulnerable to tampering. In a matter of minutes, vital system components can be replaced, expensive parts can be stolen, or new hardware can be installed on the system. All these may transmit information to other locations, rendering your data vulnerable.
To combat this, a transparent supply chain is your best friend. One that allows you to regularly check the vital components of your IoT devices to ensure they haven’t been tampered with. This includes:
- Keeping clear information about exactly what parts of your devices are factory-standard and include a record of any changes made to which models throughout its life cycle
- Installing web-based auto-verify tools that will allow you to determine that all of the components of the system are what they should be
- Recording information about where ongoing, outgoing reports such as manufacturer updates and bug-reporting are going, and who can potentially impact your devices.
- Ensure that you plot a traceability matrix, linking the cybersecurity control of your devices and its components for select 8th Gen Intel® Core™ vPro™ systems to their respective cyber security risks.
Use Multi-Factor Authentication
Your device is your ticket to much of the information that you use in the daily course of business–including, in many cases, private customer data that could be catastrophic if it is breached. Multi-factor authentication offers a more substantial layer of security than simple password protection alone. Most often, it requires that confirmation is sent to another device that the user keeps with them at all times. While smartphones are stolen on a regular basis–according to a Kensington study, around 4.3% of company-issued smartphones are lost or stolen every year– to take advantage of this, hackers and thieves must have both devices in hand. Multi-factor authentication sends login information to another device held by the user, which they then must use in order to log on. This prevents hackers from being able to guess or acquire password information, significantly increasing the amount of effort necessary to break into a system.
Delete and Destroy Old Data on a Regular Basis
One of the most effective things you can do for the protection of your data is ensuring that old data is deleted on a regular basis. Data can’t be stolen if it no longer exists on your system! It’s important, however, to be sure that you’re wiping data the right way. Simply deleting it once isn’t enough: in many cases, it can still be recovered from the system. Using a program that is specifically designed to effectively and safely delete old data can prevent hackers from gaining access to that old data. This can prevent them from accessing everything from outdated customer information to information about the passwords used by employees in the past–many of which may be recycled into current use. Your company’s data destruction policy should include:
- Information about when data will be destroyed. There should be a clear timeline for this process, from when customer data needs to be moved out to when past information should be deleted.
- Who is responsible for ensuring that data destruction has taken place–generally listed by position, not by a specific individual so that it’s clear who is to take on the responsibility no matter how staff changes.
- What steps need to be taken in order to ensure full data destruction.
It’s also important to be sure that data is destroyed from old devices that are being retired from company use. In many cases, devices that are slated to be recycled end up in the possession of employees or other individuals–and you don’t want to run the risk that those individuals will manage to secure sensitive data from those systems.
Check Your IoT Devices
When you first think of devices, chances are, you’re thinking of laptops and smartphones. Today’s offices, however, are filled with a wide range of other devices–and along with them, a wide range of potential security threats. Take a hard look at your IoT devices and how they’re connected to your systems. The Internet of Things can substantially increase vulnerabilities throughout your workplace–so make sure that you are:
- Separating the IoT network from networks used by common devices
- Updating devices regularly in order to add security patches as those threats are discovered
- Issuing specific security policies that must be followed by users who want to add those devices to the company network
Create Loss or Theft Protocols
When a device is lost or stolen from your company, how should users respond? Chances are, many of your users have no idea what to do if their device goes missing–and that delay can be catastrophic in terms of the information lost. If you deal with sensitive data on a regular basis, you need a loss or theft protocol that will offer protection to your company in case of those events. Your protocol should include:
- Who does the loss or theft need to be reported to? Is it your IT team? Should individual employees take the information to their managers first? Make sure that there is a clear protocol in place that will allow for employees to respond immediately if their devices are lost or stolen.
- What should the appropriate response be? For example, you may need to remove device access to networks or particular programs. In some cases, your security team may be able to remote into the device to start a data destruction program or other protocol.
- How will you trace devices, if needed? A record of serial numbers, parts, and other information is critical to helping to protect company devices.
- What steps should be taken if a device is recovered? This is particularly important to consider, for example, when employees are out at conferences or other events. A hacker could potentially implant a new piece of hardware or software on a device while it’s in their hands, leaving the system vulnerable after it is recovered.
- How long do employees have to report the loss or theft of a company device? Depending on the sensitivity of the data you deal with every day, and how your response plan works, you may need faster reporting times.
Stay secure in a multi-device environment
An increased number of devices on your network may mean more potential points of vulnerability, but it doesn’t have to mean leaving your system open to the potential for a data breach. If you want to learn more about how to mitigate the risks of counterfeit parts and learn how system- and component traceability are used to provide platform-level assurance of authenticity and accountability, take a look at how we leverage Intel® Transparent Supply Chain to validate the authenticity of PC hardware. Or if you want to find out more about effective strategies that will protect your data and leave you in a better position to handle the potential loss or theft of your company devices? Download our guide to Digital Transformation!
We work with you to create more effective strategies that will protect your data and leave you in a better position to handle the potential loss or theft of your company devices. Curious for more? Find Intel® Authenticate and Transparent Supply Chain enabled ThinkPad laptops featuring 8th Gen Intel® Core™ vPro™ processors here.