Virtualization Technology News and Information
Keys to a Comprehensive Cybersecurity Plan

By Chris Wayne, CTO, Yahoo Small Business

October is Cybersecurity Awareness Month. While cybersecurity and good cyber hygiene should be prioritized every day of the year, spotlighting this mission-critical aspect of business management provides a moment in time to revisit the key components of protecting a business from cyber-attacks, and prevents organizations from becoming a data disaster statistic.

Understanding and having a comprehensive security plan that spans your network, systems, and cloud platform is key to reprioritizing cybersecurity in 2020 and as we move into the new year. Following a few tips can put cybersecurity at the forefront of your organization's priorities.  

Maintaining security while digitally transforming

Business leaders know that digital transformation is necessary to keep pace with a changing industry-especially during this period of disruption. To maintain efficiency and optimize for growth, companies must look at how they're using technology to drive three key outcomes: improve operational efficiencies, enhance user experience, and remain agile enough to navigate industry shifts. Leading their company on a tech innovation journey to achieve these key goals requires careful consideration. Steps like containerizing and orchestrating microservices, implementing a service mesh for easier management and improved security, and leveraging a continuous deployment system can all help business leaders lead their organizations on digital transformation journeys that create business impact without jeopardizing overall security. 

Upholding network security

One often overlooked aspect of network security is upholding Wi-Fi best practices. As a tech professional or business leader, it's key to implement protocols and processes that ensure those accessing your network are supposed to have permission. Two Wi-Fi best practices include:

  • Ensuring your guest network and business network are both secure and separate in the office-keeping rogue devices out of your business network is key to maintaining security.
  • Implementing Wi-Fi Protected Access 2 (WPA2) for stronger data protection and network access control. Limiting access to only authorized users can help keep your Wi-Fi network protected.

Keep in mind the pitfalls of improper management of business and guest networks. You can also consider adopting network security monitoring software to know what's happening in your environment.

Integrating additional layers of security

In addition to network security tools, consider adopting a security information and event management (SIEM) tool to help monitor and manage your environment, flagging anomalous behavior and potential issues before they become catastrophic. Tool adoption can help a dedicated IT team more effectively manage their organization's security, and can also help companies with smaller IT departments that may not have an IT pro available on a 24/7 basis.

Data best practices

Data management and privacy must also be baked into an organization's cybersecurity plans. The 3-2-1 data backup strategy-three copies of data (production data and two backup copies) on two different media with one copy offsite for disaster recovery-should be adopted, to avoid an organization becoming the aforementioned data disaster statistic.

Tech pros must also understand the importance of creating a data retention policy. Creating a data retention policy is key for ensuring employees are trained on acceptable use and storage of customer or other employee personal data, and are trained on the proper ways of data "disposal."

Maintaining good cyber hygiene

Upholding security has always been a top priority for business leaders, but sometimes gets overlooked in the interest of maintaining business as usual and other business priorities. In light of the disruption created by COVID-19, prioritizing security has never been more important. Maintaining and prioritizing security is a shared responsibility, but it's up to an organization's leaders and tech professionals to take steps to ensure digital transformation processes; the network; systems; and data remain protected and secure today and every day of the year.


About the Author

Chris Wayne 

Chris Wayne is the Chief Technology Officer at Yahoo Small Business, where he oversees engineering, production operations, support and more. Chris joined Yahoo in 2004 as a manager at the HQ Desktop Support, became the Chief Information Officer for Yahoo Small Business in 2015, and the Chief Technology Officer in 2018. He is a certified Data Center Management Professional (CDCMP).

Prior to joining Yahoo, Chris was a combat engineer for the 82nd Airborne Division for the U.S. Army.

Published Friday, October 30, 2020 7:39 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<October 2020>