Securing the modern workforce: Three challenges facing businesses
1st September 2016
We tend to associate cybercrime with panic-inducing headlines about the latest high-profile, multi-million-dollar heist. So it’s easy to assume that cybercriminals only target the world’s biggest companies, and that small and medium businesses aren’t worth their effort. Unfortunately, the reverse is true.
Most criminals won’t turn down easy pickings, and the same goes for online criminals. And because SMEs are seen as a soft touch, almost three quarters (74%) were hit by a cyber attack in 2015. When you realise that, by their own admission, only 18% of medium-sized organisations fully understand the threats they face it’s easy to see why this number is so high. If you don’t even have an IT department, it’s a lot harder to keep your online security up to date. We’ve taken a look at three major security risks that affect modern businesses of all sizes.
1. Attacks on social media
When we talk about the work/life blend it’s easy to focus on the advantages this creates for productivity and employee motivation. But the fluidity with which we now switch between our work and personal lives has implications for cyber security too. Now that many employees don’t make clear-cut distinctions between the world of work and the private sphere, malware and viruses don’t either.
Unfortunately, this means that employees’ personal browsing can put business networks at risk, especially if they don’t know how to avoid online security pitfalls. This lack of awareness is far more common than you’d think: you don’t need to visit an untrustworthy website to be hit by a cyber attack. In fact, some of the world’s most-visited, and seemingly innocuous, sites can be fairly high risk.
Social media platforms, for example, are increasingly used to spread malware in what are known as ‘watering hole attacks’. It only takes a careless click on a malicious link and an employee’s account can become compromised. And in our interconnected world, that means the device, the network it’s attached to and the business that owns it could all be in trouble too.
Whatever your business, empowering staff is always better than restricting them. So, while you should do everything you can to educate your employees on how to keep safe online, banning the places they turn to for self-expression and inspiration isn’t a great idea.
Samsung Knox Workspace reflects the reality of the work/life blend by giving employees separate compartments on their devices for personal and business applications and making it easy toggle between them. Neil Barclay, Senior B2B manager for Samsung R&D in Europe explains that Samsung Knox gives employees “the best of both worlds. It empowers end users navigate their busy lives, whether they’re out of the office but need to stay on top of work or at their desk and need to take care of something personal.”
2. Bring Your Own Device (BYOD)
The consumerisation of work means employees are increasingly frustrated by enterprise solutions. Hardly surprising, when they’re used to applications so intuitive they can be mastered moments after being downloaded.
Business applications are increasingly built with more attention to user experience, but for the most part they still fall short of what employees expect. So it’s more than likely your staff will want the freedom to do their jobs using whatever tools they see fit.
Having a mobile security solution is an essential first step. But you need to recognise that, when business devices are being carried beyond the walls of your organisation, hackers and malware aren’t the only threat. A phone that slips out of an employee’s pocket on the train could be the source of a security breach.
But by ring-fencing business-sensitive data on all employees’ devices then, you can keep control of your data even if the device is lost. According to Neil Barclay, Knox Workspace makes the whole process of enabling BYOD much easier because “it gives organisations a greater degree of control over the security of their devices than was previously possible.”
He goes on to describe how developers can use Knox Enabled Apps to create apps that work with Knox so, “your staff have the freedom to use whatever software they like, knowing they’re comprehensively protected at hardware level.” What happens in the personal area of your device doesn’t affect the work area, and vice versa, which is simpler and safer for everyone.
3. Weaknesses in tailor-made solutions
Businesses are increasingly looking to technology to solve their challenges, and the chances are they will want to create their own customised tools rather than adapting something that already exists. The advantages of a tailor-made solution are clear, but it needs careful consideration when it comes to security.
After all, you’re probably already taking steps to secure your network against vulnerabilities in any third-party tools you’re using. You wouldn’t want to undermine those efforts by overlooking a weakness in something you’ve created yourself.
Of course, a large part of the responsibility for making your custom-made solutions safe lies with your technology partner. The Knox Customization platform gives developers all the tools they need to create solutions to address your specific needs, whilst building Knox security into the app itself. So your business is free to experiment with technology, and you can be safe in the knowledge that it’s not open to an attack.
The threat of cyber attacks for small and medium businesses is very real. And the ways that businesses are innovating with technology, like allowing employees to blend their work and personal lives and use their own devices, and creating tailor-made apps to address their business challenges, are actually increasing the risks. But organisations can’t afford to ignore progress, and technology is also part of the solution: tech-savvy employees can easily learn to adapt their online behavior and avoid the most obvious cyber security risks, and security solutions like Samsung Knox Workspace and the Knox Customization platform offer simple ways to secure devices, data and applications.