New and evolving technology--from virtual private networks to artificial intelligence--offers diverse benefits that businesses can use to enhance their operations. But new technology also comes with inherent vulnerabilities that can jeopardize a company's infrastructure, reputation, and other assets. However, by employing best practices and remaining vigilant, businesses can protect themselves as they evolve right along with exciting new technological applications.
Virtual Private Networks
A virtual private network (VPN) is an effective way for businesses to protect their corporate applications and data. A VPN allows users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Essentially, a VPN creates a safe connection over a less secure network like the public internet. VPNs are critical for the growing number of remote corporate employees, business travelers, and other mobile workers who need access to their company's network resources. "While the corporate network perimeter has become increasingly porous, it is still important for remote workers to be able to use mobile devices and laptops," says Jason Poirot, information security program manager at Alaska Communications.
A key attribute of VPNs is encryption, according to Poirot. This typically involves encrypting data at the sending end and decrypting it at the receiving end. An additional level of security entails encrypting not only the data but also the originating and receiving network addresses. "It remains critical that business data be encrypted and that IT personnel manage access control," says Poirot. "Multifactor authentication and the use of a good endpoint security solution are also important."
Cloud Storage Management
Today, cloud storage is typically more secure than conventional on-premise storage, but businesses should be very careful when selecting a cloud provider. There are a variety of cloud options available, from a basic operating system to a fully-managed solution. People should keep in mind that the "cloud" is just someone else's computer or server and not all cloud solutions are created equal, says Michael Strong, GCI's chief information security officer They also need to conduct proper due diligence when choosing providers. "Cloud providers will promise you access to your data, even if they have a change in business status," Strong explains. "But like any business, if they go into bankruptcy, their good intentions have also gone into bankruptcy. This is a reminder to make sure you have robust data backups--with a different provider. Don't put all your eggs in one basket."
Larger, more established providers like Microsoft Office 365, Dropbox, Salesforce, and Intuit generally can offer better security and protections than small businesses can achieve on their own. However, it's important to read the fine print of the provider's service-level agreement. Strong says: "There can be a lot hidden in the terms and conditions, such as granting others the permission to read and use your data. This can be particularly troublesome if your business generates sensitive personal and confidential data...