December 23, 2019 | Phil Etherton | Director, Security Services
Spinnaker Support’s security team is beginning its ISO/IEC 27001:2013 audit cycle and keeping UK Cyber Essentials and Privacy (Privacy Shield/GDPR/California etc.) Guidelines and Laws in perspective. I’ve personally begun to think about 2020 and the larger trends we expect ahead – and that you and your security teams should keep in mind.
So here are four areas that should be a primary focus heading into 2020: data classification, advancements in encryption, cloud security, and the future of 5G and IoT.
Data and information go together, as they really are the same thing. As we close out 2019, one thing is very apparent: we need to keep our data properly classified and managed.
Doing this ensures we meet privacy compliance as well as handle our informational assets in an appropriate manner. This helps to avoid future exposure of “stale information,” that is, information that is no longer needed for business use but could be used for malicious intent. Stale information must be deleted if not needed for an actual business purpose.
That said, a simple way to classify information is to organize groups of information based on a default. For example, all emails could be classified as “Restricted” unless noted otherwise, i.e., “Public” or “Critical.” Data classification tools have been a major business in the last two years and will continue to be in 2020.
Advancements in Encryption
A second trend to look forward to in 2020 is Advanced Encryption Standards (AES). As the internet gets faster with supercomputers and quantum computing, hackers will be (and are currently) able to break basic encryption in minutes, if not seconds.
The “good actors” are working on solutions around this. I’m not certain the answer is out there yet, and I would expect it will make “logging-in” a bit more arduous as we defend against the future hacker. The best practice is to utilize multifactor authentication across multiple devices, using a code and not a push-button method if possible.
Another trend to keep your eye on as a potential solution is cloud-based security for storing business and personal data. Cloud-based security has grown by leaps and bounds over the last few years, and it is my prediction it will continue to do so in 2020.
Giving your data/information to someone else to protect is a new norm. Is storing sensitive data in the cloud-hosted by a large target corporation the best thing? Only time will tell.
Presently, this seems to be a safer way to offload the personal stress and workload of securing your sensitive data. Give it to someone else; a corporation that has many staff members working to ensure your data/information is secure. Potentially, this is a more secure option than a personal, portable hard drive that gets left in the seat pocket on the airplane.
5G and IoT
Lastly, with the rollout of 5G on a grand scale in 2020, internet speeds will certainly enable many more IoT devices across the world. This will, in turn, create many more opportunities for “bad actors” to hack our lives and information – and at very high-speeds.
IoT devices are managed and connected to our personal devices and computers. For a hacker, it is just a hop, skip, and jump to connect from an IoT device to all your personal and business data. From a simple iWatch to a Roku device, even your refrigerator is an attack vector now. Additionally, companies are already compiling this data and building algorithms to make decisions based on your IoT device behaviors.
That said, while there are not many all-encompassing IoT security/privacy solutions on the market right now, I am certain they will come soon. For now, I recommend you protect your data, encrypt, only install trusted software, and use a VPN, anti-virus and anti-malware software on your devices that contain personal and business information.
Summing It Up
Since the advent of integrated PCs, digital phones, tablets, IoT – a.k.a. “The Single Pane of Glass” – security teams have constantly struggled to keep up with the technologies and “bad actors.” Here at Spinnaker Support, we prioritize the security of our customers as well as our own data and applications.
As in 2019, our global team of expert engineers will continue to work with you and your technical team to craft solutions in 2020 that works for you, based on your unique business model and environments.
Cheers to 2019! Welcome, 2020!