The importance of education within business'
Educating our clients and partners on upskilling their security knowledge and capabilities is an important aspect of our solutions, so that non-IT department personnel, or even executives can have tangible hands-on capabilities to further the security growth of the business.
Every staff member in your business needs to be trained, and empowered to contribute to the company’s security posture.
This means that the security costs are not singular capital items, but need to be an operational and effective spend of the business’s limited budget, driving the most effective return for the dollars spent.
The most effective approach is educating the business as a whole and making sure that all employees understand what is expected of them, such as reporting strange emails, not clicking unverified links and knowing where they can go to find the answers to their security specific questions.
A simple example and one that affects nearly all of us is the dreaded issue of passwords and the newer and sometimes overwhelming issues of “too many 2FA Apps on my phone”.
Online password reset processes can often be a point of weakness for attackers, but forcing all password resets can be an expensive toll on a service desk. Something as simple as Azure connected laptops and Microsoft’s Hello service, can mean that users can be identified without the need for a 16-character password that expires monthly. When paired with hardware-based authentication tokens, we can do secure logins that do not require a password, instead identifying our important and trusted staff using clever modern protocols.
How IXID helps solve the issues of Security
OpusV’s IXID implements current security standards (Username, Password and MFA) to gain access to key OT environments in a secure and auditable way, but most importantly, it makes the management of all of this native to even a non-IT trained person, from SCADA Engineers or Project Managers, they are able to induct and control staff and contractor access after just one simple training session.
It is our belief that by having the “assessment of appropriate role access” be as close to site and system management as possible(with a second tier of support available upon request) we can ensure that security access is prompt, managed and appropriate.
IXID is already beginning its integration with FIDO2 and WebAuthN protocols which allows a user to login to a specific site provided they have the appropriate hardware authentication device (E.g., YubiKeys).
At OpusV, we are paving the way for businesses to make headway into security compliance, such that their control of site is easier, more accessible, easier to manage and meets all of the SOCI/SLACIP compliance requirements.
If you’d like to see a practice example of how it all works, we would be more than happy to run a demo for your business.
Feel free to contact us at (03) 9029 0431