This is part of a running series where we ask cyber leaders about the assumptions and mistakes that enterprises keep making in cybersecurity and how the industry can address them to mitigate irreparable reputation damage, compliance fines and mass-scale breaches.
Will LaSala, Director of Security Solutions, OneSpan
“There are a few notable items that people often overlook when it comes to securing enterprise systems. The first is that IT managers often see security as a “one size fits all” solution. As a result, end-users are often forced to use old or antiquated security solutions because the entire organization utilizes that solution. In today’s world, there are adaptive security technologies that can examine online transactions or access type, and then apply the correct level of security controls necessary for that specific incident’s level of risk. This grants your employees access to less risky security components, including personally identifiable information (PII), and only interjects with stricter security controls if they try to access more sensitive information.
Another common security misstep involves mobile enterprise security. Enterprise companies are still using old, heavy mobile device management solutions to maintain security on employees’ devices. These technologies can be intrusive and often increases the helpdesk support lines – as it makes every problem on a mobile device an issue for the IT team. By implementing new, mobile application shielding technologies, organizations can secure sensitive apps and ensure they are protected, even when being used on unprotected devices. Lastly, organizations need to embrace the move to the cloud. We often see organizations with zero-trust infrastructures, but they miss one of the biggest pieces – the security components. Moving to cloud-based security solutions should help organizations with digital transformation.”