Cybersecurity may initially come to mind as a defensive position, but having strong cyber resilience can actually be a competitive advantage, especially when it’s at the forefront of your operations and embodies a commitment to customers. Now more than ever, customers are attuned to the impact of security threats to their own data. They also have a tendency to gravitate toward businesses that offer data security assurances versus those that don’t. You don’t have to be a cybersecurity company -- you just have to care about it and express that you’re following best practices. Having good security not only protects your business from threats and breaches, which could be costly due to outages and remediation, but security can boost your brand. The following are some cybersecurity best practices that will build your resilience in a way that allows you to stand out from the crowd.
One of the challenges with using the cloud is also one of the key benefits - it’s very convenient. If a business wants to spin up an internal application or a service for a limited time, it's very easy and quick to do so with cloud resources. For example, if you wanted to quickly add an app for a temporary business campaign, it’s very easy. However, often when the campaign is over, organizations forget to disable that application. And if it wasn't decommissioned, it's still available and it could be an outlet to threat. Businesses need to be aware of their cloud footprint at any given time in order to ensure that unused applications are removed. This added level of scrutiny and validation ensures you aren’t leaving your business and customers vulnerable to leaky, unused cloud apps that could cause a customer data breach.
Phishing and ransomware remain the biggest threat to businesses of all sizes making web security to block these sites essential. The number of blocks from newly registered malicious domains increased nearly 13 times since the start of the COVID-19 pandemic. And although most employees are familiar with phishing and ransomware threats, it's still a place where cybercriminals are multiplying the number of messages and ways to influence them to click on malicious links. DDoS attack traffic has also significantly increased over the last 6 months. During these attacks, businesses are not able to serve their customers online, transact with supply chain partners, or interact with their employees. This prolonged disruption translates to loss. These threats aren’t new, but the volume continues to increase over time. Stopping these threats before they get to the customer will prevent potentially costly interruptions for the customer.
Training and educating your employees on cybersecurity best practices can have a direct impact on customer satisfaction. Educating employees and establishing a company culture around reverence for customer data and privacy will have a positive impact on an overall customer-first mindset. This is especially important to reinforce with a more remote workforce. As we're in the work from home norm, you don't always have the same cues that you would if you were in the office. Being diligent about pausing before clicking on something may be interrupted by little ones tugging at your leg or your first-grader needing help connecting to their remote classroom. Regularly reminding employees about the many phishing campaigns from these targeted malicious sites will keep them on high alert, no matter what.
Many organizations have had to reduce staff due to business downturns, which can result in a scarcity of skilled cybersecurity talent. In order to fill the gaps, companies can benefit from managed security service providers or managed detection and response providers. A service provider can monitor their networks for threats and detect risks and issues. They can then respond with remediation in a more timely manner than you may be able to do internally. To assess the optimal partnership with a service provider, it is important to recognize the expertise you have in-house vs. those areas where you may fall short. For example, if you don’t have a Chief Security Officer or Security Operations Center, you can augment with the services of a managed service provider in order to ensure you are staying on the cutting edge of the threat landscape.
With virtual network functions on a single device, advanced security services, like next generation firewalls, or Unified Threat Management (UTM) firewalls can be provisioned, configured and supported remotely without requiring physical changes in the telecom closet. This allows businesses to be a lot more agile and brings advanced security functions and services closer to the edge of a distributed network. This enables businesses to use their local internet connection in those locations. Not only will this support encrypted tunnels to corporate resources, but it also supports secure access directly to the internet - reducing overhead on data center capacity and optimizing their distributed investment.
Perhaps the best long-term solution to cybersecurity in a remote working environment is segregating your business connectivity from the residential connectivity, as much as possible. This can be done with separate connections as well as extending security into the home. But knowing that employees could be working from anywhere at any time, that's not always practical. For this reason, it’s important to have multiple layers of defense. If you can't isolate your employees, you should ensure that remote access and endpoint protection are current and configured optimally on all devices in a way that triggers frequent automated updates. This will allow it to just happen in the background, without impacting productivity for the employee or customer.
Help defend your network against fast-changing and malicious attacks with the Comcast Business suite of cybersecurity offerings.