A "cloud first" strategy for business applications has become the de facto approach, either by design or by accident, for many Australian small and medium organisations.
The convenience of subscription-based access is a fantastic leveller and brings great benefits - all your data is securely hosted in the cloud, and the applications have Multi-Factor authentication enabled so all is good, right?
Well, not exactly!
Let's consider Mary in Accounts. Mary uses Xero and Employment Hero Software as a Service (SaaS) platforms for finance and payroll. Both platforms are cloud-based and comply with all the "right" security accreditations. Mary has a company-provided laptop with the latest anti-virus software and patches in place - all good so far.
Now for the wrinkle.
What you don't know is that Mary's teenage child has been swapping USB thumb drives with peers at school and has introduced malware onto the shared home computer, which doesn't have up-to-date patching or anti-virus. Mary needs to urgently review payroll data in both Employment Hero and Xero and, as it's Saturday afternoon, has chosen NOT to use her company-issued laptop. Instead she uses the shared home computer to log in and access the required data, saves a few CSV exports and emails the documents off.
No problem, job done - go back to enjoying the weekend.
Come Monday morning Mary is on the phone to IT - no access to email, Xero or Employment Hero. Five minutes later the CEO is looking for Mary, the bank has called, and the company account is overdrawn.
What has happened?
In simple terms, this is a business owner's worst nightmare: a trusted staff member, secure cloud-based IT systems, a flexible work environment - and a major cyber breach.
Rather than focusing on HOW this has happened and WHAT needs to be done to keep operating, let's dig into the options available to prevent this situation:
1. Ban Working from Home
Pros - No investment in technology is required.
Cons - Limits available talent pool and reduces flexibility/responsiveness in service delivery.
2. Accept that this happens and move on
Pros - No investment in technology is required.
Cons - Limits available talent pool and reduces flexibility/responsiveness in service delivery.
3. Deploy an Air-gapped Virtual Desktop for access to all company tools
Pros - Easy to secure the environment as there are fewer attack points. Endpoints can be "unsecured" as no data flows between the endpoint and the secure environment.
Cons - Hosting and maintenance costs are increased. Some app platforms don't honor restrictions on endpoint locations, allowing for bypass situations.
4. Implement application access policies to force use of company-supplied laptops for key applications
Pros - Low cost to implement. Little visible impact on user activities.
Cons - Not supported by all cloud-based applications, leading to coverage "holes". Variability in visibility across applications.
5. Tunnel application connection requests through a security scanning device
Pros - Little impact to client actions.
Cons - Impact on application performance. Some applications don't support endpoint restrictions, leading to bypass situations.
What's the "best" answer?
Education, an understanding of risk points, and selecting an appropriate approach from options 3, 4 or 5!
At Microsolve, we're an IT Solutions provider and a guardian of your digital footprint. Realise the power of simple yet effective cyber security with Microsolve and ensure you're always ahead in protecting your business's future.