How can we minimize weaknesses in IT security?
With the digital revolution, the massive use of IT in all sectors of activity in society, the digitization of companies, the health crisis that is shaking the whole world, cybercrime is on the rise.
Hackers do not lack ingenuity to find the loophole that will allow them to access the data of any company or organization.It is an arsenal that they have at their disposal to initiate, develop and achieve their objective in terms of computer attacks. Yet this situation is not one-way. Indeed, organizations are trying hard to resist the holiday of cybercrime, which is becoming more and more cumbersome. Companies that provide security solutions are increasingly diversifying. There is now a wide range of solutions, whether it is physical or remote protection. However, despite the efforts made on both sides to fight cybercrime in the best possible way, the fact remains that a problem I pose regarding the use of all these solutions by IT teams. We talk a lot more about ergonomics and efficiency.
This article will also interest you: When ethical piracy becomes an ingenious solution to protect the company
"Even before the COVID-19 pandemic, confusion was already reigning in the cybersecurity landscape. Between the ever-increasing volume of terminals, their increasing diversity and the rapid evolution of cybersecurity threats, IT teams have been under constant pressure for a long time. Most of the time, companies implement security solutions that are often compartmentalized and cause unnecessary friction throughout the user experience. As a result, employees are forced to use alternatives or use Shadow IT. The Covid-19 pandemic has exacerbated this problem, but above all it will have revealed the significant shortcomings of corporate security platforms. explains Florent Embarek, Regional Sales Manager for Southern and Eastern Europe SPARK at BlackBerry.
Today, it is clear that remote work and the digitization of services have become standards for all organizations. As a result, it is necessary to deploy enough resources to increase the security of sensitive data is that devices used in the whole business process. Especially under the current framework (with generalized telework) or a large part of these terminals are now used outside the company.
On the other hand, the other aspect not to be overlooked by companies and that of securing mobile devices. Indeed, there is no denying that this is generally put on the back burner. However, it is necessary today to devote much more attention to the protection of mobile phones, tablets and objects connected especially to the cloud. Without it looking like it, these are tools that are much more targeted by hackers than desktops.
In addition, given the diversity of IT solutions products, the choice is also a question of choice for the company. Because in a certain sense, you don't just have to choose, you have to choose well. "Many vendors offer the 'best' solutions that address each specific part of the IT environment. Finally, what could be more logical than combining the best solutions in each category for complete security? The problem is the way they interact and communicate with each other that can lead to more problems than they solve. In addition, organizations face a number of market players, tools, consoles and threat alerts that are constantly growing, undeniably creating new vulnerabilities. Businesses then have to deal with a new aspect of their cybersecurity: blind spots. Formed by the lack of interconnection and the silo use of solutions, these blind spots make it impossible to control and visibility the entire infrastructure for both IT teams and managers. notes Florent Embarek.
Looking back at the situation of businesses in the face of the pandemic, we should mention the need for better organization, and a little deeper commitment. "Few, if any, companies were fully prepared to deal with the COVID-19 pandemic and keep pace with expanded and constrained telework. As a result, they did not provide for solutions that would allow employees to access data and resources securely without being part of the company's network. More importantly, they had no infrastructure to ensure the security of data, devices and applications, and therefore had to pool offers from multiple vendors to fill the gaps. ».
Now access an unlimited number of passwords: