Cyber Security vs Productivity – Can You Have Too Much Protection?
7 min read
Cyber security risks are on the rise. More and more incidents are gaining national attention. Hospitals are being targeted with ransomware. Oil pipelines are being forced to pay large sums of money to hackers. Even hacking into social media is becoming more of an issue.
Here at Novatech, we have decades of experience with networks, security controls, and helping businesses run smoothly. In this article, we are going to cover VPNs, cloud security, and also data loss protection (DLP) to help you understand how to maintain speed, while also keeping your data protected.
By the end of the article, you will have a better understanding of where you can make changes to keep your organization safe without losing required employee productivity.
Cyber Security Stack
The rise in risk in turn has companies adding more security to their systems. They no longer use just anti-virus (AV) software and a firewall to keep intruders out. Now security comes in many different layers, so if one aspect fails, other technical controls can keep your data protected.
The solution to so many emerging threats is approaching all aspects of your network with security in mind. This includes network security, endpoint security, security tools, and even having a cloud security stack if you have offloaded some of your operations.
Security posture for your organization has to be primed to recognize a threat, isolate it, and take it out before it can spread. Malicious actors are always a potential threat, so detection is vital to end a cyber attack before it can gain momentum. It has become even more important with the new culture of remote work for key employees.
What does a typical cyber security stack look like? Modern-day organizations include MDM or mobile device management. Penetration testing tools will test your network. Endpoint security controls what applications can run and which ones need to be sandboxed. Remote access can be done through RDP and VPN connections, so that remote workers can access their machines from the comfort of their homes.
When you combine together all of these different facets, it is like pieces of a puzzle coming together to create a larger picture. Say an employee with your company has a phone that was jailbroken, so they can add in new apps. This becomes a new attack surface that malicious actors can target. If the phone gets compromised though, you still have security controls in place. Endpoint protection and also threat detection can make sure phishing attacks and malware can’t succeed. Attacks are mitigated before a data breach can impact your reputation and also business continuity.
Does Security Make You Slower?
You want to make sure you cover all your bases with security, but there are tradeoffs with everything. Encrypting data keeps it protected, but it slows down how fast data is transmitted. Keeping backups of everything makes sure you have multiple copies of all of your data, but it also takes up precious processing power. Data loss prevention will make sure that private information is not exfiltrated outside of your organization, but once again, your system will act as a checkpoint to check everything that is leaving your network. It is a difficult balancing act that every organization needs to look at.
How secure do you want your network versus how fast you need to move to keep up your normal workflow and rhythm?
Virtual Private Networks
Virtual private networks or VPNs are integral to keeping your organization safe. If you have ever connected to your computer at work from your house, you probably used a VPN. You can think of this as an encrypted tunnel for traffic to flow through. Everything inside the tunnel is safe from prying eyes. This is great from a security perspective. You don’t have to worry about anybody sniffing around your traffic. Private company information is safe, even when the employee is working from home. There are some downsides though.
Speed suffers when using a VPN to transmit data. If you are used to 100 mbps speed when connecting to work without a VPN, you can expect your speed to drop by about 20% depending on the setup. This degradation is to be expected. When traffic is diverted and forced through the encrypted tunnel, it takes longer to reach the network that you have at the office.
If speed is integral to your business, a VPN may slow things down to the point where you can’t even do your job properly. For users that are in more rural areas where speeds are already slow, adding a VPN can bring down data speeds to a point where the connection will drop, and data going back and forth will be lost.
VPN Solutions
There are some VPN solutions that you may want to consider to maintain a good balance between keeping your data secure and also maintaining good speeds. VPNs can be run in a full-tunnel mode or just half-tunnel. This might seem complex, but the idea is very simple. With a full tunnel, all of the data going back and forth will be encrypted. This is good when you want to protect everything, but it slows down the flow of business.
Half-tunnel mode works just as the name implies. Instead of encrypting all the information that is going back and forth, you encrypt just some of it. This does not necessarily mean you encrypt exactly half of all the data, but just a portion of it. A solution like this is perfect when you are downloading a mixture of private data versus data that can be public. For data that is not as important, it can be left unencrypted. If attackers got hold of it, they could perform reconnaissance against your organization, but it would not be as serious as leaking SSN information or private medical information. All of this can flow through the encrypted tunnel to make sure your most valuable data is kept locked up and protected.
Data Loss Protection
Another valuable layer of cyber security is DLP or Data Loss Protection. Just like the name implies, it stops private data from being exfiltrated out of your organization. In the world of cyber security, you can’t just worry about hackers from outside your organization. You also need to consider that there might be insider threats.
An insider threat might come in the form of a disgruntled employee looking for revenge. An employee who works for your company might also be motivated by money and what the competition will pay for business secrets. In terms of intellectual property, some organizations will pay millions for valuable data that they can use to be first to market.
Data Loss Protection guards against threats like these. It monitors data moving in and out of the network. If it picks up on an employee trying to move social security numbers to an external server in bulk, it will trigger an alert. The DLP software can be fine-tuned to the point that it can pick up on anything that you program it to look for.
While DLP is an excellent security policy to make sure your information doesn’t fall into the wrong hands, once again, it takes extra time, money and processing power. Your organization will need to take time to fine-tune the cybersecurity measures to avoid false positives. More processing power will need to be devoted to looking through those mountains of data that pass in and out of the network each day. In the end, the CIO will need to make the determination regarding how many resources to put toward protecting the network.
Cloud Versus On Premise
In terms of staying safe from hackers, you also need to consider where to keep your data. Do you have staff on hand who are keeping up with the latest security patches and developments in malware? If not, you may want to think about moving your data to the cloud to avoid a data breach.
It can save money to keep all of your data on-premise with you, since you won’t need to pay to rent servers, but it can cost you in the long run. If you don’t have dedicated cyber security personnel, you might be missing vital security patches or be more open to attacks. Once again, the decision makers in the company will need to figure out if it makes sense to move operations to the cloud.
With a cloud provider such as AWS or GCP, you will have the backing of some of the most powerful companies in the world. They take security seriously and will make sure that your data and servers are always monitored and tracked. They can also implement security improvements like multi-factor authentication to validate the people accessing data are the actual people who are supposed to have data access.
While you pay more each month to have them govern your data, you can also rest easy knowing a company like Google or Amazon is making sure you are not hacked.
In Conclusion
In closing, there is a lot to consider when comparing speed with keeping your company secure. Let Novatech, the managed office expert, help you navigate how you should approach security.
With decades of experience, our managed IT experts can advise any organization on how to secure their data.
Speak with one of the techs today and start to explore how you can stay safe from attackers without sacrificing the quality that your customers expect.