Zero Trust, Ransomware, and Improving Data Security
For us, data security is always both important and topical but, recently, it has been especially important and topical. What with ransomware becoming more widespread and the remote work boom brought about by the COVID-19 pandemic, we are facing new data security challenges, which we are tackling with tools like Zero Trust thinking. Tuukka Tiainen, a.k.a. the ‘Iron Fist of Cyber Security’, is here to shed some light on the issue.
“At the moment, ransomware is a hot topic because it provides online criminals with an easy way to earn some cash. That said, malware and cyber attacks are a much wider issue, which can be tackled with Zero Trust thinking,” says our IT expert Tuukka Tiainen.
Here at Centero, the Zero Trust theme and the principle of least privileged access have featured heavily in the last year in our blogs and webinars as well as the launch of the Centero 365 Manager service. Ransomware, on the other hand, is a concept almost all of us have recently become familiar with. After all, ransomware is becoming increasingly widespread.
“It’s good that the issue is highlighted in the media because it makes people think about cyber security. If you protect yourself properly from ransomware, the odds are that you’re also protecting yourself from other threats,” Tuukka continues.
When Server and Firewall Are No Longer Enough
In addition to the spread of ransomware, Zero Trust thinking has been a matter of much interest due to the COVID-19 pandemic. The state of emergency resulting from COVID-19 has drastically increased the amount of remote work, specifically among IT workers. This, in turn, has underlined the risks related to data security.
“Back in the old days, you would use your own organization’s server protected by a firewall, but that is no longer the case,” says Tuukka.
“These days, pretty much all organizations use mobile devices, which requires things like strong authentication and keeping the devices and apps up to date. Everything has to work, regardless of where the devices and users are.”
Even without the COVID-19 pandemic, there would currently be more data security issues than before the time of mobile devices and cloud services. Employees operate outside the company’s own network, it is impossible to protect all networks at home, and the company’s management system does not necessarily extend beyond the intranet.
“This is precisely why we need Zero Trust thinking, because it protects you regardless of your whereabouts. That being said, there is no Zero Trust switch that you can simply flick on. Zero Trust is a higher model of thinking and a frame of reference to which things are mutually and gradually introduced within the organization,” says Tuukka.
You Should Get Excited About Data Security
Because all threats can’t be repelled just by means of technical control, end users’ know-how, good sense, and caution are key for ensuring data security.
We have designed our Centero 365 Manager service in a way that makes access to user permissions and data as easy and safe to manage as possible to start with. Even so, Zero Trust thinking combined with a healthy data security culture running through the entire organization are invaluable.
“In many organizations, security and know-how are at an extremely high level but everything is still largely in the hands of the IT department. At the other end of the spectrum, there are companies where data security still means an anti-virus software and a firewall,” says Tuukka.
“When the management of the organization gets excited by the importance of data security and when that excitement permeates through the whole organization, things are looking good.”
Tuukka’s 5 (+1) easy tips for improving data security
1. Enable multi-step authentication in your Microsoft 365 environment.
2. Abandon unnecessary admin privileges; normal user permissions are enough for almost all users.
3. Keep your apps and user permissions up to date, for example, with Centero Carillon.
4. Familiarize yourself with Zero Trust thinking – it isn’t hard and you don’t need to get everything straight away.
5. Find out if Centero 365 Manager would work for you and your organization.
+1. Book a meeting with our amazing sales representative Kimmo and discover all the ways in which we can help you with your data security needs!
Kimmo Pitkänen, sales