Think twice before sharing sensitive data
Pay attention to permission requests from apps. In a Norton survey, one in four admitted they did not know what they agreed to give access to on their phone when downloading an app - this could include personal information, location data and access to contacts.
Use a multi-layered approach
When considering IoT devices, employees should factor in a multi-layered approach to security, while also ensuring comprehensive protection of their data through backup, availability and overall management.
Security best practices for businesses
Don't get caught flat-footed
Use advanced threat and adversary intelligence solutions to help you find indicators of compromise and respond faster to incidents.
Employ a strong security posture
Implement multi-layered endpoint security, network security, encryption, strong authentication and reputation-based technologies. Partner with a managed security service provider to extend your IT team.
Prepare for the worst
When it comes to security, nothing should be left to chance and knowing Murphy's Law, it is better to be safe than sorry. Your security measures should encompass any and every possible breach scenarios.
Incident management ensures your security framework is optimized, measureable and repeatable, and that lessons learned improve your security posture. Consider adding a retainer with a third-party expert to help manage crises.
Provide ongoing education and training
Establish simulation-based training for all employees as well guidelines and procedures for protecting sensitive data on personal and corporate devices.
Regularly assess internal investigation teams to ensure you have the skills necessary to effectively combat cyber threats. At Symantec, we run a weekly practice drill where phishing emails are sent to employees. As the occasional employee fall into these traps, we are constantly reminded that we can never be too complacent when it comes to cybersecurity.
In essence, businesses need to understand that using IoT devices can put them at a greater risk for having data stolen or used unknowingly without their permission. At the same time, they need to ensure that suppliers are prioritizing security upfront and building security into the connected devices.
Sign up for CIO Asia eNewsletters.