Trends and Developments in VPNs
Enterprise VPN: Important Trends Shaping the Future of Secure Communication Across Network Boundaries.
Intruders in the building: Valuable items have been stolen even though doors and windows are closed. Someone got hold of the key and just unlocked the door! Does this scenario sound unlikely? In companies, this happens more often than you might think – in terms of IT security.
By now employees should know what to do and what not to do when it comes to data protection. Finally, companies have an indirect obligation under the GDPR to provide regular data protection training to all employees. Nevertheless, even CEOs or other high-level employees often use only one master password for all services and applications. In the worst case, they probably even write it down too. It’s only a matter of time before the password gets into the wrong hands. You might not think so right now. But it will happen eventually.
A study by the security provider Beyond Identity reports that every third user in Germany still writes down their professional passwords by hand. Every fourth user always uses the same passwords. It is therefore hardly surprising that 42 percent of the users surveyed have already experienced their password being compromised several times. Now you could say: “It doesn’t matter, everyone makes mistakes, we all know that.” However, such lapses are not as harmless as they might seem. Such mistakes in securing your IT can have fatal consequences for the entire company.
IT must therefore look at typical mistakes made by employees to be able to take the right countermeasures. However, this happens far too rarely in IT security. Serious errors occur repeatedly, especially when dealing with passwords. IBM have found that a whopping 95 percent of data thefts are due to human error. Passwords written on post it notes and stuck to the monitor are just one of them.
Curious to learn more? Security provider Proofpoint has dealt with human errors and their impact on IT security in a study:
The examples show that far too many users in companies still do not really take IT security seriously. People often still believe they will be safe: “It won't happen to us”. Unfortunately, the opposite is often the case. Ultimately, it is only a matter of time before a more or less serious security incident occurs.
Bitkom Research found that only one in two companies in Germany has a contingency plan with written procedures and ad hoc measures in the event of data theft, espionage or sabotage. However, this is necessary in order to avoid wasting valuable time in the event of an incident. Every company can and will become the victim of cyber attacks, warn the authors of the study, regardless of industry and size.
“Once the company IT is infected or paralyzed, high costs are incurred, which can go as far as weeks of production downtimes,” comments Simran Mann, Security Policy Officer at Bitkom. “Employees can make cyber attacks easier or more difficult,” continues Mann. After all, the employees are “the first line of defense against cybercriminals”. Ultimately: “Companies should definitely inform about risks and types of attacks and provide information on the right behavior,” recommends Mann.
Introducing new technology means nothing without raising awareness in the company. Equally important are training courses and regular security awareness training. Only in this way can human mistakes and errors be reduced to an acceptable level in the future.