Careers Privacy & Security Future-proof and secure workspaces now, says report Howard Solomon @HowardITWC Published: October 13th, 2016With organizations putting more applications and data in the cloud and more employees working remotely and using social media comes another reminder that CISOs have to adopt faster for a new workplace.It comes in a report from Frost and Sullivan, paid for by integrator Dimension Data, which warned there’s a greater need than ever to implement appropriate measures to secure data, infrastructures and applications.Citing another report, it notes that in Canada 44 per cent of full-time employed Canadians today are able to work remotely, and 70 per cent of full-time millennial workers say they would be more satisfied in their jobs if they could work remotely using cloud.Already, close to 80 per cent of knowledge workers globally work remotely at least one day per week, says the report. By 2020, up to 1.55 billion workers will be responsible for work that doesn’t confine them to a desk. And knowledge workers are increasingly going to demand flexibility, it adds. Not only that, the Internet of Things means more devices will be connected to enterprise systems, multiplying opportunities for a cyber attack. Related Articles The top ten IT security tools for 2016 — and why the CSO should careNational Harbor, MD — At its Security & Risk Management Summit this week, analyst firm Gartner Inc. outlined the top... June 17th, 2016 Ryan Patrick @ryan1patrick How CISOs can find and secure rogue cloud applicationsAn insurance company is not the enterprise whose staff should be fooling around with insecure cloud applications. But with software-as-a-service... June 26th, 2015 Howard Solomon @HowardITWC “Hence, it is imperative for companies to adopt a proactive cyber risk management strategy to safeguard their most critical assets,” says the report. Risks not only include data theft but also data manipulation and, through DDoS attacks and ransomware, data denial.Cloud applications are a tempting target for attackers, it adds. It notes business chat application provider Slacks suffered a breach last year that exposed user profile information including as login usernames, passwords, and other personal data such as phone numbers and Skype IDs. “With the information, a cyber criminal could potentially log into users’ accounts to access sensitive corporate data residing in their chats within Slack, containing confidential details about intellectual property and sensitive press releases. “As future workspaces could potentially use cloud-based collaboration tools like Slack, it is important to be aware of the possible attacks to these platforms and the proper security measures to mitigate these threats.”Smartphone-enabled smart locks for buildings are available to lock and unlock doors without the use of keys. But, the report says some have been found to be vulnerable to simple hacking tools. “In fact, 75 per cent of smart locks can be easily hacked to unlock at will, according to two researchers who tested 16 different smart locks at a major hacker convention in 2016.”At the same time it advises that while security technology is essential in any organization, so is security awareness training for employees.Other defences the report advises include–integrating a cloud access security broker (CASB) into the SaaS applications enterprises use, which offer authentication and encryption when accessing cloud-based services;–adding data loss prevention (DLP) solutions, which can protect sensitive data in public cloud applications;–add actionable cybersecurity intelligence;–perform a vulnerability assessment across all devices to identify gaps cyber attackers may potentially exploit. Penetration tests will also help find those gaps;–conduct regular cyber drills to ensure security staff are prepared for an attack;–consider creating a cybersecurity operation centre to monitor the threats in real-time, manage security solutions, and promptly react to risk indicators before an attack infiltrates the organization.Would you recommend this article?00 Thanks for taking the time to let us know what you think of this article! We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →Jim Love, Chief Content Officer, IT World Canada Careers, Privacy & Security security strategies