Monday, July 4, 2022
Bringing the Latest in News Straight to Your Screen


Expanding To New Markets And Outsourcing Teams While Keeping IT Infrastructure Safe

By News Creatives Authors , in Small Business , at August 26, 2021

Stefan Leipold CEO of STARK & ProSysCo.biz and StefanLeipold.com.

After a recent conference call with the Forbes Business Council (LA, Texas, NY) about “How to get people back to work and/or outsource to India, Philippines or Mexico,” I’d like to share some very important cybersecurity insights. At STARK, we are in the exact position that the conference call suggested: We expanded and partially outsource to Mexico City. The first and most important focus was how to grant the new team members access to our existing local and cloud IT infrastructure without jeopardizing the corporate security and always keeping access to confidential client information secure.

While we are using cloud-based email, we enforce strict password policies (lowercase, uppercase, numbers, symbols and minimum 12 characters), plus a two-step authentication enforced by an authenticator app. Furthermore, all shared files need to have an access basis with appropriate rights to the job-specific person. Another important rule, which is one of the most common mistakes companies and individuals do, is end-to-end encrypted email (outlook feature) so that the email can only be read by the specified person. Commonly shared and needed files like credit cards or IDs via pdf also need to be password protected in order to open the files by the receiver.

It is more and more common that companies have remote workers or virtual assistants during Covid-19; therefore, the IT security of the remote worker needs to be upgraded in 95% of all cases. Meaning, in the best-case scenario, a UTM firewall should be installed at the remote workers’ sites and connected via VPN to the cooperate office. PCs/laptops and mobile devices must have the latest operation system and system patches/updates and a fully licensed professional version of antivirus/malware installed. The same importance should be on enforcing strict and strong password policies (lowercase, uppercase, number, symbols and at least 12 characters long). Mobile devices (mobile phones, tablets and laptops) also benefit from a privacy screen.

Other very convenient tools often used by corporate teams are video calls and instant messengers, which are cross-platform compatible and are a fast and easy way to access teams and share information. The focus here should also be on security not price. For example, the free version of Zoom is not encrypted but the membership versions are. Additionally, companies can use free tools to chat, but I advise programs like Slack Pro for encryption or, even better, Microsoft Teams because all communications (video, chat, file sharing and collaboration) are always encrypted by default. Meeting links and access codes should be generated for each meeting to avoid unpleasant surprises when hackers take over the meeting as seen this year at schools, events and court hearings.

Most countries are slowly opening up, which means people are starting to work from public places again and social engineering and ethical hacking are huge threats — the number of cybercrimes during the pandemic has quadrupled. As mentioned in my previous article, “Cybersecurity Policies In The Age Of Remote Work,” the repeating education about IT security policies and operation procedures “do’s and don’ts,” who to contact and what to do immediately if there is an IT security issue/breach is important for companies.

Remember, there is no perfect solution, nor 100% IT security, but you can give 100% while designing your IT security guidelines and infrastructures, have them tested by independent cybersecurity specialists and contractors and on a repeating basis.


Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?


Comments


Leave a Reply


Your email address will not be published.