It is an oft eye-rolled truism that security is directly in opposition to usability.
In this world of information being available everywhere, and computing capacities beyond comprehension at our fingertips, we have seen access and utilization of technology exponentially increase. Unfortunately, this has seen the security aspects of our data, our business data and our communities data not progress accordingly.
It is now a daily, if not hourly litany of compromises, data breaches and account compromises. You may have seen the friend's Facebook account start posting random ads for sneakers or received an apologetic email from a business you have had dealings with, stating that your details “may” have been compromised by an attacker. Recently Eastern Health in Melbourne had to cancel elective surgeries and outpatient appointments due to a system compromise.
The world expanded its digital horizons and gained a proverbial truckload of benefits, and correspondingly as proverbial truckload of security issues. We extended the borders of our personal kingdoms, but did not build the walls, or create the armies to protect the new territory.
This has meant that for many a business, security is not an issue or something to worry about, until too late. The maturity path for many businesses wont force security into their business planning, until required to as part of dealings with a more mature and normally larger vendor, supplier or partner. Then it’s a hard slog of lip-service, paper-thin compliance attempts or genuine investment to in-fill for years of work not done.
Thus, security becomes the expensive bogeyman that everyone tries to ignore until they have to.
One of the big uplifts that we have done for OpusV’s clients, is putting in place the precursors and sound fundamentals for good security practice and policy. Often we are putting in “compatible” security systems, rather than full compliant, that allow for businesses to start down a maturing security pathway.
With a partner that understands that medium enterprises may have some budget for their technology spend, it is far from a limitless one. This is where pairing the low hanging fruit of “what can make the most difference now to minimize my risk” with a business lifecycle of development, can deliver a real business outcome. It lowers your businesses likelihood of being a headline or a crater, and means that as your business grows, and the the dreaded vendor compliance obligations come knocking, you have less security debt to pay off.
Today’s simple tip for low hanging fruit? Get Multifactor Authentication (MFA), also known as Two Factor Authentication (2FA), on all of your critical staff accounts.
Office 365 makes this relatively easy, your accounting and banking software will have almost forced this on you as a default, and it is a discussion you should have with all critical business software and platforms you use currently. This simple security uplift removes your company from the realm of “easy target” to one that requires determined effort or unusual screw up to target.
Multifactor Authentication is normally a free setting to enable on most technology platforms, and the app you install on your phone is also free. This can really be a very low cost setting to increasing the security at your business.
The next step after this? Well lets chat!