Q&A: High Tech & Cybersecurity

New Hampshire companies know they need to have the best technology solutions to maintain their edge in the marketplace. But with growing threats of cybersecurity breaches happening worldwide, the need for the right solutions has never been greater.

Daystar in Newington provided the following insight into how fellow New Hampshire firms can best address their high-tech and cybersecurity challenges going forward.

Keith Bamford, CEO and co-founder, Daystar, Newington

Q: What technology investments should I make now to support my business through an uncertain economic environment?

A: The first half of 2022 saw businesses wrestling with a trifecta of supply chain issues, staffing challenges and rising inflation rates not seen since the early 1980s. Rightfully so, businesses are making plans and contingencies for continued economic uncertainty. Making the right technology investments now helps businesses support operational stability. Two main technology investment areas that can help are process efficiency and cybersecurity.

Supply chain disruption and lack of staffing slows businesses down, while rising inflation results in increased costs. Look for ways to increase efficiency and streamline processes to insure business operations. There are many software and cloud-based applications that digitize and automate processes, like HR and payroll automation, e-mail marketing applications, customer relationship management (CRM) platforms or enterprise resource platforms (ERP).

While many businesses are using some of these efficiency solutions already, most are not using them to their full potential. Identifying ways to integrate new efficiencies using your existing tools is a great way to increase the ROI on an investment you have already made. Work with your IT provider to find opportunities to improve processes and plug any potential gaps. If your existing applications won’t address them, look for new solutions that will.

Lastly, when times are tight, the last thing you need is to experience a cyber breach. A cyber incident is extremely costly and time consuming. Whether you have a formal cybersecurity strategy or not, take the time now to review your tools, configuration and defenses to shore up security. It is important here to focus on your company’s endpoints, or devices, and not just the network. This protects your data out on the edge, whether the device is in office, remote or hybrid.

Q: There’s a myriad of security methods, products and platforms. How deep do I need to go?

A: This is such a common challenge for businesses and one that is truly unique to each one. Sure, some industries have more clarity due to compliance requirements, such as the military, financial institutions or healthcare. Others take a little more effort to understand. It’s not the size of the business that matters; just because a business only has a staff of three doesn’t mean their security needs are lowered. What matters is the data they hold.

It’s important to assess your business’ risk profile. Understand your data, where it is stored, how it flows, who accesses it, and what is impacted if it is exposed or compromised. An often-overlooked area is your customers. Who are your customers? What access do you have to their data? Do they fall under any compliance requirements that might extend to you? Take the time to explore what your level of risk tolerance is. It is often lower than you think. Work with your IT provider to assess your risk level and implement the appropriate security controls.

Also, if you have cyber insurance (which we highly recommend), your risk levels will be assessed to some degree as part of the application or renewal process.

Q: What are the top security challenges facing a remote or hybrid work environment?

A: Many businesses are working through the complete implementation of remote and hybrid work environments. Whether it’s from a security standpoint or new collaboration, human resources or culture challenges, many of us are still navigating this new business landscape.

From a cybersecurity perspective, businesses must wrestle with the decentralization of the network. All users are not on the same network, protected by the same firewall, using the same internet connection. Home network environments host a wide array of devices, such as family iPads, laptops, gaming systems and IoT appliances which opens new threat vectors. According to Deloitte’s 2021 study, the average U.S. household had 25 connected devices.

These devices are all unknown to your business environment but could potentially impact it.

The lines between home and work have blurred somewhat. It’s important to clearly define acceptable use guidelines for companyowned devices. Secure and manage smartphones and tablets remotely via a mobile device management (MDM) solution.

Simply having a cloud-based server doesn’t guarantee protection. If a remote worker is compromised on their home network and then logs into the server, you are at risk. Likewise, if a hybrid worker comes into the office and connects to the network after working on a compromised network, you are at risk.

In some cases, it is advisable to segment a remote worker’s home network. However, that can be costly and complicated. An alternative is to bulletproof and create visibility into your remote endpoints. Layer cybersecurity protections across devices using zero trust, managed detection and response, and multifactor authentication. Placing multiple tiers of protection and building real-time visibility with automated reactions will greatly mitigate risks inherent in the remote and hybrid workplace.

KEITH BAMFORD
CEO and co-founder
Daystar, Newington