Mumbai: 5 Step security approach to protect the Indian enterprise – is Deloitte India’s latest cyber advisory. These unprecedented times of COVID-19 have brought the need to ‘Go Digital’ in all aspects of life including business continuity through virtualised infrastructure at one end and work from home (WFH) being the new way of operations for India Inc.
With WFH becoming the ‘new normal’ amidst COVID-19 crisis and cyberattackers and virus lurking in the shadows, enterprises can adopt a 5 step security approach to reassess their exposure to cyber challenges and secure their enterprises as per a Deloitte perspective.
5 Step security approach will help Indian enterprise to secure their digital journey and assets including data, software applications, and businesses. And protect from cyberattackers and cyberthreats as well.
1. Implement multi-factor authentication: Organisations should enable multi-factor authentication (MFA) across all internet-accessible remote access services including – Web and cloud-based email, Collaboration platforms, Virtual private network connections and Remote desktop services
2. Implement an ongoing cyberthreat education and awareness program for organisational users: Educate users on current threats, the dangers of opening attachments or clicking links from untrusted sources, and the basic actions needed to prevent infection. Educating users to be wary of unexpected email messages, and to authenticate them with their ostensible senders before opening any links or attachments within them
3. Know your most critical data and systems and where they are located: Not all data and systems are of the same value to organisations and attackers. Knowing the ‘what’ and ‘where’ of critical data and systems allows you to target resources on your most important assets first. When trying to protect everything in an organisation, critical data and systems cannot be overlooked. Ensure critical data is backed up and systems are recoverable.
4. Update your patching regularly: Internet-facing infrastructure is a primary target for attackers. By patching this infrastructure, you can help prevent attackers from exploiting known vulnerabilities in the software in order to gain access to your network and systems. Its recommended applying patches within 48 hours of release.
5. Monitor and analyze activity on your most critical systems: A critical component of protecting your environment is to understand what is happening in real-time. Without this visibility and what has already happened to your systems and data, you are effectively operating blind.
“In the era dominated by digital transformation, Indian enterprises have been susceptible to some major cyberattacks and threats as a result of businesses transitioning to cloud with broader networking capabilities,” said Shree Parthasarathy, Partner and National Leader – Cyber Risk Services, Deloitte India.
While these threats are not new, their sophistication and frequency have increased and businesses need to draw immediate crisis management and resiliency action plan.
“A robust and consistent layer of identity and access management built with a multi-factor authentication and encryption policy will help in aligning a thoughtful cybersecurity policy to overcome the dual crisis hovering over the country,” he added.