Today's digital user eats, breathes and sleeps via internet connected devices, most of whom are blissfully unaware of how they are being tracked. They have more notifications than the Pentagon (probably not, but you get what I'm saying). Whether you're ready to accept it or not, if your employees are checking email and accessing company resources on their phone outside of the office, they are already a remote enabled workforce and always have been. The question is, how secure was your implementation?
Today's digital workplace is agile, flexible and secure.
Built correctly (by our standards at least) today's organisations are able to communicate, collaborate and work more productively in a secure environment. The data is protected no matter where or how it is accessed. Someone leaves, gets fired or just goes ghost (as the young ones say these days) our clients are able to cut access to files even if the files and resources in the former employees possession, in seconds.
A free world.
Today's mobility enables your employees to access company resources from anywhere, including that free wi-fi at the local coffee shoppe. Personally, I think using free wi-fi is as safe as sharing a needle in the late 1980's. We've chosen to secure how data is accessed and used while our clients are on these free open solutions in combination with running everything through our SIEM & SOC for early detection.
***Free tip: Don't allow automatic connection to untrusted networks.
The hacker of today.
Today's hackers or opportunists are using a diverse range of methods and tools to penetrate you and your systems to gain unfettered access.
The list below showcases a few options at their disposal.
- UI Redress
- Cookie theft
- A DDoS attack
- A Non-targeted website hack
In chaos there is opportunity.
There is always a vendor or provider offering a new way to put a bandaid on an old problem. Today's malformed band-aid, "new ways to work remotely and securely because of Coronavirus/COVID-19"
. Here is the crux of the matter. If your foundation is not sturdy, it doesn't matter what you build on top of it. It will buckle, fail and you will be proper miffed.
Most of these next-gen and evolving technologies are practically snake-oil. The more buzz words in their presentation (don't mistake proper grammar and an expansive vocabulary for buzz words), the more likely its just a hot steamy pile of shite.
Never trust, always verify.
On any system we manage, no one is trusted. Not even the owner of the company. We require verification from everyone attempting access, on any level.
A few days ago, I asked colleagues if they were thinking about mandating Single Sign-On (SSO) for their clients and all their applications. One answered and said it'd be near impossible to "mandate" because of all the Line of Business applications that are out there.
I just don't understand that approach and kinda don't want to. Nah, I just don't want to understand that thought process. Instead, why not explain to the client the need to upgrade that service or find a new one? Is it worth the risk to leave an old, un-patched, dinosaur aged security protocoled application in production that can sidestep your identity management solution? We think not. If it's that old, you will likely find productivity increases in a newer solution set to replace it.
(Disclaimer: we no longer charge for projects like this in our Expertly Managed Subscriptions, so no QBR/vCIO snake-oil here.)
It's our job to have a client understand what needs to be protected and why.
By leveraging Kontinuum managed services you will benefit.
- Secure resources tied to Identity Management.
- Increased operational efficiency by simplifying access and collaboration securely.
- Low friction management where you forget we are there.
- Mobility supporting all managed and devices.
For those of you worried about the aged based adoption/practice levels of your users, it really doesn't matter how old they are, work will happen where ever they are.
Leverage the benefits of being a Kontinuum managed client. Yes, it will be a client relationship, I know its en-vogue to refer to it as a partnership, the reality of our situation is with us you;
Pay for a result, not a service.