Recent Ransomware Attacks
Ransomware attacks in 2021 affected such major organizations as Colonial Pipeline, Steamship Authority of Massachusetts, JBS (the world’s largest meatpacker), and the Washington D.C. Metropolitan Police Department, among many others. In December 2021, “cybersecurity firms found government-linked hackers from China, Iran, and North Korea attempting to use the Log4j vulnerability to gain access to computer networks. Following the announcement of Log4j, researchers quickly found over 600,000 attempts to exploit the vulnerability.” (Center for Strategic & International Studies report on significant cyber incidents.)
The Weakest Information Security Link: Human Factors
We know that information security is not only a technology problem, but at its root a people problem. Business information systems have been undermined by people who have weak passwords, lost media, and other bad practices. While information technology developers aim to make it easier for users and customers to gain access to systems and data, it is often making it easier for hackers to penetrate systems. Getting the right balance is not easy, especially in a world of continually evolving threats and technology.
Information security practitioners have been slow to address the weakness introduced by the human factors, but it is now getting recognition, largely because of a series of high-profile security breaches. It is clear to everyone that data leakage prevention is a priority for any business process.
How to Gain and Maintain Data Security
So, what can be done to assist people in organizations to secure the information that they access? Below are the first steps that can provide huge results.
Password strength – Skip your pet’s or mother’s maiden name – use up to 15 random characters/symbols.
Recognize phishing – Understand that no reputable government, banking, utility or similar organization will ever request personal or corporate information.
Identify external communications – Set up your email policies to clearly recognize and identify any communication from external sources.
Role-based security – Create and enforce advanced access by assigning permissions based on level of access and user categories.
Enable firewall protection – Set up a firewall to protect data against attacks, especially for those working from home.
Connect to a secure wi-fi – Secure and encrypt all wi-fi networks.
Promote education and training – Train employees on information security and provide written policies so there is no ambiguity.
Next Steps: Technology Solutions for Information Security
The above points are the first steps to mitigate risk and protect your data and other assets from fraud, theft and ransom attacks.
The next step is to move your sensitive data to a cloud-based applications platform, like Fuuz, so that you can allow your employees access securely, without exposing your inhouse network to severe vulnerabilities. Fuuz offers the security and infrastructure in place on an order of magnitude much greater than anything any small to midsized business can afford.
Fuuz: A Secure Applications Platform
The Fuuz platform is a cloud-based, multi-tenant solution that provides much more scalable security, more uptime, and less vulnerability than anything you can implement in-house or on your own networks. Even moving your operations to the cloud, for example to Azure or AWS, isn’t the same as setting your organization up with a secure cloud platform like Fuuz. Simply “being on the cloud” does not guarantee any level of security for your business. Features such as firewalls, honeypots and geofencing are not standard off-the-shelf options that come with your $15/month subscription. The cost of adding the right security features can easily put you into the tens of thousands per month, plus the expense of staff needed to manage the information security features.
Businesses gain significant information security benefits from upgrading operations to an applications platform like Fuuz.
Fuuz from MFGx is a no-code, low-code, pro-code cloud SaaS solution that connects enterprise software systems with machines, smart devices and the people who use them. It delivers a single source of integrated information, helping customers fulfill the promise of the Industrial Internet of Things (IIoT). Fuuz integrates existing applications, including MES, WMS, shipping, PLC and machines, enabling secure real-time visualization of your data.
Request a demo today.
About the Author
Earl Campbell is a Project Manager with Fuuz, the applications development platform built by MFGx.