The coronavirus pandemic and security strategies in a company
The pandemic has exposed a situation that could never have been so clearly observed.
The lack of business continuity plan for many companies. Not really accustomed to working remotely, the announcement of telework, whether for the first time as the second time, inevitably created a situation of panic. Organizations then wonder how to adapt so as not to create enough vulnerabilities and expose themselves to IT. Unfortunately, the shift to generalized telework has not been smooth.
This article will also interest you: Teleworkers don't realize their safety responsibilities
"Security actors around the world have seen an explosion in the number of attacks on businesses and individuals in the last six months. This crisis has forced companies to innovate and take risks by moving away from the traditional IS and moving very quickly towards a decentralized AND accessible IS for all and remotely. As a result, the IT teams had to urgently implement the technical and technological developments that were planned in the next 2 to 3 years but which became indispensable overnight for the continuity of the company's activities. Alexandre Delaby, a data security professional at Formind, noted. Indeed, it should be noted that the crisis has acted as a booster in the IT sector. By developing or popularizing several IT solutions. We have seen this in particular with the massive adoption of solutions such as:
– CYOD (Choose Your Own Device),
– COPE (Corporate Owned, Personally Enabled)
– BYOD (Bring Your Own Device) were made possible.
Video conferaing solutions have never been more popularized. The big winners in this story were notably Zoom and Microsoft Teams.
"This increase in home-made activities has also favoured other sectors such as e-commerce, which has seen the number of orders soar after tighter restrictions on citizens' travel. This sector has increased by 250 to 300% depending on the company. For performance needs, the use of cloud services such as AWS (Amazon Web Services) or Microsoft Azure has greatly relieved the burden of the company's internal network. We can say that these services have met the availability expectations of their customers. says Alexandre Delaby.
However, the situation and its implications have not escaped the authorities. They have made the various organizations as aware as possible so that they can put in place a system that has enabled them to better guard against the IT risks inherent in this sudden transformation. The idea of course and to ensure that all actors, from the managers of the companies to the employees through the managers of the information systems. All must be ready, to be able to make a bulwark against my cybercrime.
"While the COVID-19 pandemic may temporarily drive cybersecurity projects in some companies, most security officials believe that their IS is more exposed to the risk of cyberattacks than before. Indeed, the observation made by all security actors remains that hackers have been able to take advantage of this context of crisis and transformation to multiply and vary attacks on the IS of companies. points out Alexandre Delaby.
However, it is not only the proliferation of computer attacks that is the main cause of this situation of advantageous computer security. Rather, it is the fact that employees are forced to alternate between telework he works in the office. In this condition, they are often pressured to take action if it is possible to undermine the security of the information system. Speaking in particular about the use of some unsecured storage tools of USB sticks that can be used on personal and professional terminals, yet al not securing terminals used at home for work. In this context, employees tend to let down their guard. And the consequences are already known. That's why companies have to look after their employees, both in the office and in telecommuting. A follow-up that will fill several vulnerabilities that are inherently human-related.
Now access an unlimited number of passwords: