The first week of December 2018 witnessed what can be termed as a digital catastrophe. Thirty million O2 mobile users in the UK had their life at a complete virtual standstill. Deliveroo courier and Uber drivers could not go on with their normal work day. At the end of a whirlwind that lasted a good part of 24 hours, O2 said that an expired software by Sweden’s Ericsson was to blame for this chaos.
The outage was scary, our dependency on mobiles – scarier.
Ericsson did not want their week to go in utter chaos over the textbook ripple-to-wave problem. Its Chinese competitor Huawei was way ahead in the race of having a bad week. The U.S. raised a red flag with its rather voiced concern to its allies about the Huawei’s proximity with the Chinese government. It may look like the U.S. government is having some serious trust issues. But can anyone really vouch for the fact that there is no data back door installed at Huawei or for that matter Ericsson’s glitch was just an accident and not a deliberation? In the last few years, data breaches have dragged Facebook, Marriott, Cathey Pacific and many other organizations in a quagmire of chaos and public embarrassment.
Looks like we jumped into the era of portable devices without giving it much forethought.
You can call it a golden era when phishing e-mails were the only prominent data breach threat. And as it is with the golden eras, we christen them even when they are long gone. It is quite the irony that portable devices are personal, but the data security threat they pose can rattle organizations. A study by Shred-it, a data security firm, holds employee negligence as the main culprit behind data breach.
More than half of the managers agree that work from home aka remote work is an increasing trend and a third of them think it is a future. While the very picture of sitting at the nearest café with espresso, while you work or working in your pajamas may look enticing, the entire situation has a big catch. Broadband at home may be secure, but what about on-the-go Wi-Fi? Can you vouch for the absence of any backdoors while you access sensitive work data through them?
One in five small business owners said that a security breach traced its way back to a vendor they employed. The disturbing part here is that over half of them do not have a standing policy for remote workers or vendors.
While companies are all sunshine while typing policies encouraging BYOD and IoT (Bring your own device and Internet of things) at the workplace, cybersecurity guideline becomes too mundane to draw attention. Symantec, a cyber-security company said that only 14% of companies actually implemented a basic cybersecurity guideline.
If we go by the facts above the first step for HR should be drafting a written cybersecurity guideline. But, moving on a heavier note, a written draft is just not enough. A secure office network and a ‘clean’ laptop/computer are what IT support-team provides on the joining day. As time goes by, there are some urgent software installations and going through the IT looks like a drag. Employees bypass the IT and with BYOD it is so much easier to be the rookie IT of own devices.
There is no denying of the fact that we are not wearing the best armor to fight in full-strength against a security threat. Staying alert and knowing the possible points of breach to take a proactive stance may very well be the best bet. We need to work on our basic security habit. Talking about habits. What is one data security bad habit that you think is a high risk? How do you identify a maleficent employee? Are your onboarding and exit policies in tune with data security protocol?