Cybersecurity: How To Stay Safe Online
4th Oct 2022
Cybersecurity is important for protection against data from both theft and damage. In most recent years the Cybersecurity industry has been booming and is projected to grow rapidly in the coming years.
Keeping your business and employees safe online is more important than ever before with all businesses operating online in some form or another. With plenty of scam artists lurking it’s critical for us all to be aware of how we can browse online safely; not being aware of safety implications can put your business and employees at high risk.Why you should invest in cybersecurity
Being online makes us all susceptible to cyber threats, therefore it’s important for both employers and employees to be aware of how to stay safe when online. We’ve put together some top tips on how to minimise risk, which should be relatively simple to follow:
- Don’t share personal information
- Double-check and verify links (don’t click on unknown links in emails and text messages)
- Use secure public Wi-Fi
- Use a VPN
- Use secure passwords and change these regularly
- Only log into sites that start with https://
- Be careful who you speak with online
- Turn off your Bluetooth
- Use antivirus software protection
- Backup your data
We’re not experts in Cybersecurity, so we’ve spoken with Evan Blair (CRO) at HighSide - the market leader in secure communications, segmented collaboration & sensitive data management.
"The majority of today's work, data sharing, communication, and collaboration, takes place on digital platforms. However, the lack of enterprise-grade security or controls on most platforms has ushered in a golden age for cybercriminals."
"With more and more sensitive business data stored and shared on digital platforms, the adversary's cyber tactics have changed. The shift to cloud applications and remote work has led to a 630% increase in cyber attacks targeting cloud systems - with remote workers causing a data breach at 20% of organisations"
“HighSide offers a solution to the tradeoff between security and accessibility, usability and control. By delivering a modern collaboration, communication, and data-sharing platform, that's powered by a zero-trust E2E encryption system, organisations can exceed security standards while enabling digital business.
Organisations can start to increase their security posture by doing a few things:
- Catalog where all your corporate data exists, identify what is deemed sensitive, what platforms have access, and where indexes of the content might exist. For example, do you have teams using Google Drive for sensitive data? Does your HR team store payroll info in OneDrive? This can lead to an easy phishing-based exposure of your critical data. While platforms like OneDrive are convenient, they aren't secure, private, or even compliant.
- Review sensitive & high-priority communications for security & disaster accessibility. For example, does the executive leadership team have a segmented system for their sensitive & privileged conversations? Does the cyber operations team have an out-of-band communications tool to manage investigations & respond to breaches?
- Finally, does your organisation have a way to manage and control how data is shared externally? We all need to send a sensitive PDF to a client every once in a while, but how do you maintain control of your intellectual property?
How other companies have implemented online security measures
We’ve spoken to a couple of Flexified companies to find out what measures they have in place to tackle cybercrime and increase the level of online security within their business.Boxxe
“When a new employee starts they are invited and asked to join a meeting with our CISO (Chief information security officer) who conducts a security brief of the business.
We also provide online training packages using the Know Be 4 platform which all employees have access to and are asked to do 2 courses as part of mandatory training for Data Protection essentials and Security Awareness Foundation. Also, if any updates are needed on our equipment or mobiles we are updated promptly by the security team”.
Talent Partner - Alex ErringtonPaddle
Jonny Herd, VP of Information Security at Paddle has given us some real insight into what cybersecurity measures look like there.
“Paddle has embraced a digital-first approach to business operations and to employee interaction and engagement. This approach not only fits with Paddle’s preferred way of working, our customer interactions and business operations but it also gives the balance our employees need in order to hit their own work and life, family and social goals. The move to a digital-first approach brings with it some interesting challenges from a cyber safety and security perspective”
How do we enable our employees to work securely whilst protecting both their Paddle identities and their private identities?
“We have taken numerous steps to try and limit the type and scope of risks Paddle has as a digital-first business. Cyber safety starts with the people and how they think about cyber security, not just Paddle security!
- Paddle provides the information and education needed to Paddlers so they feel properly informed (not just a feeling of being indoctrinated!) and equipped to recognise and respond to current threats. The training and communication enable Paddlers to see the risks they see are not limited to just work time, but to any time they surf the internet at large.
- Paddle provides free access to a password management service for Paddlers and their families. The behaviour around password safety is a personal challenge and password management is a skill humans are bad at but password management solutions are good at! It’s a virtuous circle.
- Paddle works to promote increased awareness of the risks when using devices in locations away from the office and home. Combining this with technology that enables always-on encryption for data and communication helps to reduce the cyber risk a paddler might encounter whilst keeping the risk that Paddle is exposed to from remote working as low as possible.