As the implementation of hybrid work becomes more frequent and the operating formats of companies are modified, devices and work tools have also needed to adapt to this new modality.
This scenario poses a new security and information protection challenge for companies.
While cyber risks have always been present, the decentralization of work has increased them considerably.ç
The jump in the connection of corporate networks with stronger controls to home networks, the sharing of devices for work and personal activities or the use of company equipment by other family members, are some of the causes of reduction of the security.
Added to this is the fact that computer criminals have improved their maneuvers and have taken advantage of the widespread use of the Internet to increase the theft of information from users and companies around the world.
Fortunately, Latin American SMEs have understood the need to strengthen their digital security and for this reason, according to the latest edition of the survey SME Vision, 1 in 3 entrepreneurs planned to make investments in software tools to improve their cybersecurity.
To contribute to this process of improving security processes in SMEs, below, several experts mention useful tips to start in 2022, considering some changes that will surely prevent loss of information or even greater problems.
Monitor the configuration of devices on the network: It is crucial to manage the vulnerabilities of the devices, after more than a year connected to home networks. For this reason, before reconnecting them to the corporate network, it is essential to analyze their security to ensure that they are free of malware that could compromise the organization’s systems. Alejandro Carbonell*, CEO and co-founder of Tutorez, an online education platform, recalls that “it is also important to create a plan for the moment a security alert is received, to identify the source of the threat, to be clear about which person to contact and know the steps to follow, according to the situation”.
Employee training and awareness: In this stage there will be much more fluidity and the collaborators will not only divide their time between the office and home, but will also have the opportunity to work from shared spaces. This is a potential risk when it comes to cybersecurity. Alejandro Carbonell*, assures that “Staff training programs can help reduce risk in processes such as password management, social engineering, and safe web use. To do so, heGamification techniques are a good option, since the mechanics of the games are transferred to the educational-professional field. The above allowsspeed up the learning process, and serve to entrench behavior changes in a lasting way”.
Policies for the control of access: User authentication is a key part of any corporate security strategy, especially when managing large numbers of remote users. Jason Acuña*, founder and CTO of Outer Space Coders, a technology company focused on web and mobile development, states that “In addition to adopting strong and unique passwords, ideally one-time passwords, a security model such as Zero Trust, which is becoming increasingly popular, is an excellent way to strengthen the security system of companies.”
Device security: The Portable devices like laptops, smartphones, tablets, and USB drives can be a huge risk if not used properly. For this reason, and as highlighted Rodrigo Urrego, CMO & Co-founder of MedicApp, an application that takes advantage of the collaborative economy model in the health sector, “it is necessary to ensure to maintain biometric authentication, remote locking and data wipe if necessary, as well as regularly checking for updates and backups.”
The change to the hybrid work environment is a fact and beyond being configured as a temporary model, security strategies must be adopted in line with the future business plans of SMEs. In this way, implementing new technologies will not only be useful now but in the long term.