The guide to workplace security
The dos, the don’ts and everything in between – effective workplace security is the responsibility of every individual in the business
Organisations both large and small are striving to understand their people better so they can give them more opportunity to be productive and put into their hands the technology that they need, and are familiar with in their daily lives. That kind of tech is good morale and productivity, and is great for a company’s bottom line.
There’s an ulterior motive, too. If your business fails to keep pace with innovation, you’ll ultimately be left behind.
It was in last year’s, rather than 2019’s ‘O2 Future Trends’ report, that the futurist Graeme Codrington said: “Within two years, if you are not mobile-first (which naturally implies cloud-first) you might be too far behind the curve to catch up… We can expect that tomorrow’s employees will expect to be able to use the same level of technology at their workplace as they do at home. That means mobile-first, AI, natural language processing and staying always connected.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
“We joke about how Wi-Fi should now be the foundation layer for Maslow’s Hierarchy of Needs. But the time is coming when transport, work, medical treatment and civil liberties are all so reliant on the internet that connectivity will be as much a human right as running water and electricity. Now is the time to seriously question the legacy IT investments that are holding you and your people back, because waiting is a costly game. Implementation cycles are being shortened from five years to five months, because of the risk of obsolescence over time.”
A landscape of growing threat
Sadly, as companies empower their people more and unlock the good that the cloud and mobile advancements have to offer, there are those out there using the self-same technologies for their own ill gains.
“In 2017 hackers made a lot of easy money and caused huge disruption as a result of UK business missing the basics when it comes to securing data. Most of the breaches I read about in the press could have been easily prevented by taking a more proactive approach to cyber security and following the government’s guidelines,” wrote Dean Thomson, cyber security specialist at O2.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Whether it’s ransomware, malware, cyber crime, physical theft or something else – it feels like a new threat emerges every day. The media is littered with horror stories about data breaches, security blunders and tech tales of woe, so how can you avoid being next – and keep your people happy?
Follow the money
Security is big business. Analyst firm IDC predicts spending on security software, hardware and services will reach $120 billion by 2020. That’s a lot of money going towards fighting a real and growing problem.
"Three overarching trends are driving security spending: a dynamic threat landscape, increasing regulatory pressures, and architectural changes spurred by digital transformation initiatives," said Sean Pike, IDC’s Security Products and Legal, Risk, and Compliance programme vice president.
Ultimately, the more we adopt mobile technology in our personal lives, the more we’ve come to expect these same technologies to make our lives easier when we’re at work. Implement technology in the right way and businesses should see a positive outcome across the board.
“Digital workplaces are good for employees, good for customers and good for profits.” said Emma Thompson, Head of Technology and Telecoms Business Partnership Team, UK Government Cabinet Office in O2’s Futures summary 2019.
Of course, there is no one-size-fits-all solution for digital transformation. It means different things to different businesses, but one aspect that’s fundamentally important is security. For instance, an organisation that becomes mobile first will need an agile infrastructure to allow its people to work and collaborate from anywhere.
This also requires end-to-end security, with each part of a company secure – whether that’s a server at head office or a member of staff using a work smartphone on an overseas business trip.
A big problem for business of all sizes
Whether you’re a large or small business – or any size in between – security has to be front of mind. Like taking out an insurance policy you hope you never need, it’s a must.
It’s a dilemma. Ultimately, we need technology. Its benefits far outweigh any negatives and it makes a very real difference to businesses and individuals alike.
However, in order to reap the rewards rather than be exposed to the risks, we have to tread carefully. To help, here is our guide to what you really need to consider when it comes to workplace security.
Click above to view the workplace security guide infographic in full size
Do the following...
Do: Utilise two-factor authentication
Many employees actually like two-factor authentication as it helps if they forget their passwords as well as protecting what the company holds dear. By ensuring two verification steps need to be followed before granting access, you are reducing the chances of unauthorised access.
“Two-factor authentication may not be quite the security silver bullet it was once thought to be, but it's still an important area of security and access control to keep in mind when obtaining and setting up services for your business or personal life,” according to an IT Pro article on the subject.
“The more hurdles you can put in the hackers’ way, the less likely they are to target you.”
Do: Look at both WAN and LAN
Devices that have connectivity can become dangerous in the wrong hands. That’s why it’s so important to focus on all network security elements – from LAN to WAN and beyond.
O2 was the first mobile operator to achieve CAS(T) certification (the government standard for secure communications), to validate the financial and human resource effort placed into security to protect the businesses that rely on it.
Do: Embrace behavioural analytics
By taking advantage of Big Data platforms and sophisticated technologies such as Machine Learning, behavioural analytics looks at user activity to try and identify and stop insider threats. For example, employees who are able to interpret behavioural analytics can spot potential security breaches by looking at who is accessing various network assets, how often and what devices they are using to communicate with.
Do: Focus on endpoint protection
The majority (around 70%) of businesses in the UK still rely on signature-based detection to fend off malware and ransomware attacks, according to O2’s Dean Thomson. This, simply, isn’t good enough, he says.
“It’s time to deploy next generation endpoint protection that uses behavioural analysis to detect and stop malicious activity. This technology will also go a long way in helping to protect against chip based exploits such as Meltdown and Spectre,” Thomson added.
Do: Ensure you focus on the knowns and unknowns
Hindsight is a wonderful thing and it’s easy to try and learn from what’s happened in the past to try and affect what may happen in the future. But, while it’s good to learn from experience, organisations must remember that the threats that expose our weak spots need the same amount, if not more, attention.
Do: Embrace evolving behaviours
With new threats emerging all the time, it’s important not to stand still when it comes to security. Be prepared for every possible eventuality and respond accordingly.
The most dangerous threats to your business are the ones lying dormant waiting to activate. There’s no place for complacency when it comes to workplace security. And, while people are your biggest and best asset, where security is concerned, they are also your biggest allies.
Don’t do the following…
Don’t: Shut people out
People need to feel valued and listened to. And there’s no greater way of showing you’ve been listening than answering their needs. So when you’re implementing any new technology, don’t do it without first talking to those who will end up using it. Get your people on board early on to help educate them on being security aware.
Don’t: Get the balance wrong
When it comes to accessibility boundaries and rules, there needs to be the right balance between tech security and tech freedom. Use it in the right way, tailored to how people work – with the right security in place – and technology can help unlock employees’ potential.
Don’t: Allow unauthorised devices on the company network
In the same way you wouldn’t allow any uninvited guests into your house, the same goes for your business. Many larger organisations may have this covered, but if a smaller business is keeping an eye on costs then unauthorised devices could slip through the net. In this case, ensure you maintain an audit of company issued devices as well as making sure employees understand the responsibility they hold every time they connect their personal devices to your corporate network.
Don’t: Think you can do it alone
No one really understands your business as well as you do, but you’re not expected to have all the answers. That’s why it’s important to work with your trusted partners to reinforce your defences. When it comes to security management, a third-party engagement can make a great deal of sense.
“Don’t waste money on trying to build and tool your own Security Operations Centre, instead outsource the problem to the experts,” according to Thomson.
“The costs for managed security services have come down considerably in the last year and it is far more secure to use a SOC that can see threats that are not just targeting your own business. There’s strength in numbers. We’re here to help if you need us.”
In conclusion
Technology is only one part of the puzzle when it comes to effective security; but ultimately, your people are the best defence. That’s why it’s important not only to educate employees on all the dangers, but also get them onside with your security strategy.
“Don’t let’s talk about the technology as if it’s the technology’s fault that we’vegotten better or worse at anything. It’s about how we choose to use the tools we’ve got,” Codrington added.
A business’s biggest asset is its people, and equipping them with the right technology to unlock their productivity is key. If an organisation and its people are always going to be connected, they need to be able to work on any device, collaborate with colleagues and access data and apps securely wherever they are.
When it comes to security, it’s often said, that you’re only as strong as your weakest link. So, make sure you strengthen those defences and continue to invest in them as the threats evolve. Together, it’s far easier to stand up to the many against threats and stop them rather than taking them on alone.
Discover how O2’s technology is helping businesses empower their workforce.
-
The Week contest: Airport goodbyes
Puzzles and Quizzes
By The Week US Published
-
'We shouldn't be surprised that crypto is back'
Instant Opinion Opinion, comment and editorials of the day
By Justin Klawans, The Week US Published
-
How the national debt affects your finances
Rachel Reeves has changed the rules, but why does that matter?
By Marc Shoffman, The Week UK Published
-
The power of anonymous data
feature The application of anonymous data can be a huge benefit to businesses looking to tailor services more closely to customer behaviour
By The Week Staff Published
-
How big data will change our lives
feature Big data can be seen as daunting, but with proper handling it could be the most significant opportunity for people and business this century
By The Week Staff Published
-
Building connectivity: How 5G will change the way we live and work
feature The next generation of mobile data is on the horizon and with it, the potential to revolutionise our everyday lives
By The Week Staff Published
-
A day in the life of a smart city dweller
feature How a truly connected life could spell the end of traffic jams, potholes and the weekly shop
By The Week Staff Last updated
-
Empowering people to build a better business
feature How can people and tech work in unison to create a better business?
By The Week Staff Published
-
What's driving the digital work revolution?
feature The world of work is evolving so quickly, but are we underestimating the role of people?
By The Week Staff Last updated
-
The evolution of people in the workplace
feature People are the most important asset for any business, and they need the right tools and platforms to help them flourish
By The Week Staff Last updated
-
Why the Government wants a mandatory ‘backdoor’ on encrypted technology
In Depth Five Eyes intelligence alliance says gadget makers could face new legislation if they fail to comply
By The Week Staff Published