The working world is currently changing. Companies are embracing new technologies to increase their efficiency and productivity. Employees no longer have to be always present in the office; they now have the opportunity to work from wherever they want—whenever they want. This flexibility in the working world is shifting the focus of data and IT security and demands new security concepts.
This is due partly to the fact that employees have become the primary target of cyber-attacks and partly because employees cannot be 100% protected by their company’s security solutions, gateway firewalls, network IPS etc.
As part of the workplace of the future, existing security strategies need to be widened and enhanced. The multitude of ICT devices that employees will be using in the future requires new technologies that can monitor the various information channels—networks, mobile data media, the web, e-mails etc.—detect threats and introduce suitable counter-measures One of the new technologies is machine learning. Systems with the appropriate capabilities employ mathematical calculations to determine the level of danger posed by each threat with information such as: “When was the file created?”, “Where was it created?”, “Who created it”, “What type of file is it?” and “How does the file look?” playing a vital role. With these details, machine learning is far better equipped to detect and remove malware and zero-day-attacks.
The modern workplace relies heavily on cloud applications. The platforms that host cloud applications are very well protected and certified to international standards. Despite this, information and applications still need to be protected against unauthorised third-party access. Encryption can block this, stopping outsiders from viewing your data meaning that wherever your information is stored, it’s still protected. Additionally, files should be checked for anomalies loaded in the cloud application, thereby minimising the risk of infections in internal systems.
In addition to protecting information, application access also needs to be secured. Authentication can be stepped up a factor by introducing user name and passwords such as a random pin number that changes every 30 seconds. This type of mechanism makes accessing information considerably more difficult, if, say, a user’s identity is stolen.