As businesses enable employee technology access from different locations, the risk of vital information being stolen or depreciation in security standards is incredibly high. Staff may be unaware of the adjustments to security standards, unintentionally leaking private details, or inappropriately accessing the company’s information without direct supervision. Under the Australian Government, a privacy breach of customer confidentiality can incur a penalty from $105,000 – $2.1 million. As a customer of the RBC Group, you can trust your company and customer’s privacy is safe using our ip2me or docs2me systems.
Many companies are undergoing specific security awareness training for their staff, especially those undertaking roles remotely under the COVID19 social distancing requirement. The level of training ensures staff form part of the ongoing defense as it teaches employees about cybersecurity, technology best practices, and even regulatory compliance. Ongoing training can keep track of staff by launching realistic phishing simulations the let you accurately monitor real-world responses, then direct awareness programs to users accordingly. These training exercises will enhance knowledge of the systems that protect confidential business information, encourage staff members to be the sole person using their work device, and ensure security software compliance is enforced on all devices.
Virtual Private Network (VPN) as part of Device as a Service (DaaS)
Using a VPN allows companies to manage the security and privacy of their staff’s remote technology access. A VPN can encrypt the network traffic between the staff member and corporate infrastructure, especially if staff access data over public networks. The misconception is you won’t have security issues when remote workers access your secure systems via the VPN. Insecure BYOD devices used to rapidly deploy mobile computer solutions as part of a COVID19 response lack the appropriate device management tools, application segregation, and security enhancements that can be delivered as part of a DaaS service. The RBC Group “DaaS” provides expertise and support for pre-configured hardware, software, and services. The service is inclusive of ongoing proactive management to ensure device security, optimised performance, and end of life sanitisation. Managing staff access, whether it be on their own or a company supplied Device outside of corporate networks, is a significant challenge and a capability that businesses must have to stay viable under the COVID19 work conditions.
With the current COVID19 situation, many organizations have are now forced to allow an unprecedented level of external access to allow users to continue to work uninterrupted from home. Our security specialists have observed a massive surge in the number of attempted infiltrations – from brute force password attacks to social engineering. To ensure online account safety, companies should also enforce multi-factor authentication.
There are many different variations of multi-factor verification. What that the fundamental principles to adhere to:
- The user logs in to the website or service with their username and password;
- The password is validated by an authentication server, and if correct, the user becomes eligible for the second factor;
- The authentication server sends a unique code to the user’s second-factor Device; and
- The user confirms their identity by approving the additional authentication from their second-factor Device.
Intellectual Property governed by Staff Non-Disclosure Agreements
Companies have updated their Security and Policy Guidelines to ensure all employees sign a non-disclosure agreement (NDA). It may not be necessary for all staff members but considered for those working in commercially sensitive areas of the business. Information Security Policies and Procedures that govern staff access ensure all staff understands their commitment to safeguarding corporate intellectual property.
RBC Group’s Hybrid Cloud technology gives businesses the functionality they need to operate under COVID19 restrictions without compromising their information security. The Hybrid Cloud platform is easily accessible, whether working from the office or home. The technology solution is delivered as a managed service, and many businesses have achieved cost savings as the platform is optimised to meet their immediate needs and can scale to meet operational requirements.
Using RBC Group’s Automation services will allow clients to effectively manage their company when physical contact mandates the removal of paper or contact-based systems. Our Business Automation solutions support companies to deliver an online transition that incorporates workflow efficiencies for Accounts Payable and Contract Management services. The outcome for some companies is the ability to fast-track processes and enable staff to manage paper-intensive components of business better.
As technology grows and becomes more accessible, all businesses must make the first steps to ensuring their business’ data is secure. RBC Group has various security enhancements to support their clients and ensure the safety of their data. These methods include Intrusion Protection Auditing, which allows team members of the RBC Group to review systems and minimise potential risks. RBC Group is also able to support you in protecting your framework, reducing the chances of your company being compromised, and provide business continuity capabilities where required. RBC Group offers educational exercises as well, ensuring that staff of their managing companies are aware of the Cyber Security risks and how to manage privacy online.
While printing services may not be needed in the corporate location at this time, RBC Group is receiving incredible growth from its clients to deploy multifunctional print capabilities from home locations. Security breaches are often delievered using the path of least resisteance, which in hardware would be the print device. We are deploying smaller devices from remote locations without forfeiting device security.