While the two years of the pandemic have accelerated the adoption of digital technologies globally, they have also brought forth a host of cybersecurity issues. Reports of ransomware attacks, data thefts, phishing attempts, etc. have made evident how vulnerable companies and users are to such threats. Mary Jo Schrade, assistant general counsel and regional lead at the Microsoft Digital Crimes Unit Asia spoke to Shruti Dhapola on issues related to the cybersecurity domain and the best practices that need to be followed. Excerpts:
What are the key challenges being faced by enterprises in the post-Covid world?
The Covid-19 pandemic changed many aspects of our lives, with remote work becoming normal being one of them. IT departments are now required to not just manage their own infrastructure, but also other things. For example, if you are accessing your work email on your cell phone, and it is not managed by them, then that’s a risk. Even something as simple as the router that you use at home can present a risk to your company if you don’t update the firmware in the router when updates are available.
There are multiple challenges that companies have to deal with today. Even though bigger enterprises have a larger staff to handle these issues, their complexity can be difficult to manage. And small businesses and medium businesses have an even harder time when they don’t have their own staff to deal with the issues.
We’ve heard a lot about ransomware being used against organisations, with attackers stealing data and often wiping it clean. Could you elaborate on the scale of these issues and how are companies to protect themselves?
We’ve seen an increase in the number of attacks and the size and sophistication of the attacks. Remote work has basically opened more entry points for attackers. But what is fundamentally needed — regardless of the type of attack — is that companies put in place multi-factor authentication for their business and for everybody in their business. You only allow what is called ‘least privileged access’. What this means is that if you as an employee want access to your employer’s data, that’s going to be evaluated individually each time.
You make sure that everyone uses multi-factor authentication, and that you use it in ways that are most trustworthy. The criminals are smart, but the ways of protecting ourselves are smart too, and they’re very effective.
What exactly do you mean by multi-factor authentication and why does it have an edge over, say, the traditional two-factor authentication?
Two-factor authentication on a phone can protect but it can also be circumvented by SIM swapping. For example, a cybercriminal can get its number transferred to their phone by misleading the help desk at a cell phone company or something like that. But if you have other factors in place, including the location of the computer that’s trying to connect, things can be taken care of by multi-factor authentication. Also, you look at any other anomalies in the device and how the device presents itself on your system. That is why you might find it hard at first to access some of the sites you normally visit when you have a new device, because they don’t trust your device.
It’s such layering of security modes that is ultimately impactful and boosts security. So Windows Hello that we use has a Facial Recognition feature. If you have that in addition to something else in the phone or the device, those things can also be used for multi-factor authentication.
How does moving to the cloud protect businesses better?
One reason for moving to the cloud is the protection that it offers. And that’s especially important for small businesses. If you can’t have your own staff, moving to the cloud allows you to outsource a big part of what your staff would do, with the cloud protecting you and looking for anomalies and flagging issues.
India has a lot of small and medium-sized businesses, and this can be their way of dealing with all these challenges when they themselves are not experts in the field. People who have kept their systems on-premises are realising that they are more at risk because they don’t have those automatic updates coming through, etc.