Has your business chosen an appropriate communication and file sharing tool that can be relied upon in the event of a complete network shutdown? While many businesses maintain a business continuity plan to help them assess potential threats to their organizations, surprisingly few specify the communications tools that should be used in the event of malicious cyber attack (or other a system outage), that renders the corporate network unavailable.
For CIOs and IT teams, the debate over which secure enterprise messaging app to use is typically fought over the level of security on offer. However, for business users, the decision is often less clear, and typically the result of poor understanding. New research has highlighted that many people remain unclear over the level of protection offered by secure, end-to-end-encrypted (E2EE) messaging apps, when compared to basic services such as SMS text messaging (and even phone calls).
The answer is: “Yes, but it depends on the app being used!”. Public sector employees are no different to their private-sector counterparts in that they’re demanding more modern, mobile solutions for collaboration and communication. However, without clear direction from ICT leaders, many are becoming reliant on consumer-grade tools that put data, and digital compliance, at risk.
Any talk of security usually defaults to external threats. But what about threats from inside of your firewall? How often do you consider those? Of course, no one likes to think of their employees as untrustworthy, but the reality is that employees are responsible for 54% of data breaches. And while many of these threats are simply down to negligence (an employee being compromised by a phishing attack, for cexample), a large amount involved malicious intent.
Imagine the scenario. Your most valued client receives an email from you requesting an invoice payment. Being the great client that they are it’s processed promptly! The trouble is, that email wasn’t really from you. It was sent from a cyber attacker who’d gained access to your corporate network and spoofed your identity – tricking your client into making payments into criminal accounts.