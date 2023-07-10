Businesses are increasingly vulnerable to bad actors, but solutions like TOPdesk can help protect them from exploitation
The work-from-home, work-from-anywhere and hybrid work models that emerged during the pandemic have now become commonplace – and while they offer more flexibility for employees, they also open up organizations to an increasing number of cybersecurity risks.
Small and mid-sized businesses are not immune from cyberattacks, with bad actors employing tactics such as online scams and phishing, malware and ransomware. Yet, fewer than half of small businesses in Canada (46 per cent) have deployed defences against cyberattacks, according to a survey by the Insurance Bureau of Canada (IBC). This is despite the fact that 41 per cent of survey respondents that suffered a cyberattack said it cost them at least $100,000.
While targeted attacks are a concern, an organization’s greatest security risk is, in many cases, its own employees. For example, when employees use unsecured networks, personal devices or unauthorized apps to perform their jobs – whether working from home or at other locations outside the corporate office – they can expose their company to criminal exploitation.
“Many organizations have a firewall and can see what’s going on inside their corporate network. But when employees are working from home, they don’t have a cybersecurity team that’s able to monitor what’s going on in their home network,” says Ray McGuire, technical consultant with IT and product security at TOPdesk.
“Also, when you’re working from home, you have an expanded attack surface. You might be using a personal device in conjunction with your work laptop, so maybe you open up your MacBook instead of your PC and check your team’s messages there,” he said. That attack surface is even larger when using public WiFi networks that may not be secured.
Remote workers are also more apt to share files, which may be protected through encryption when stored on corporate networks. But when those files are shared remotely, they’re unlikely to have the same level of protection, leaving data vulnerable to theft, identity fraud and ransomware attacks.
Weak, insecure or recycled passwords and login credentials can also undermine cybersecurity software and tools such as firewalls and VPNs, allowing hackers access into the corporate network. Many small and mid-sized businesses also use freeware or Outlook for tasks such as tracking tickets, which can quickly become overwhelming – and doesn’t have controls in place to protect confidential or sensitive information.
For Kimi Fleming, an application support specialist with Hicks Morley Hamilton Stewart Storie LLP in Toronto, strong policies and procedures help to protect corporate data. Through continuous improvement, the law firm sought to enhance its system, allowing it to better track progress and resolution of issues, as well as improve the ability to identify trends and anomalies much faster.
“With other platforms or other methods, it was hard to bring all the data together or follow a process properly,” Fleming says.
The law firm turned to TOPdesk, an IT service management (ITSM) service desk solution with an out-of-the-box ticketing tool that’s easy to integrate with IT, facilities management and human resources. ITSM involves all processes and activities that IT departments undergo to manage end-to-end delivery to customers.
“TOPdesk really helped us with that because it’s easier to keep track of everything, so it’s a huge advantage for us,” Fleming says. “Not to say it wasn’t organized properly before, but it’s made the entire process a lot more efficient and gives us more eyes on everything going on.”
They’re currently beta-testing an AI component in TOPdesk that provides alerts when a large number of similar tickets are coming in so they can flag suspicious activity. “It helps pick up patterns so we can make improvements to our systems and policies and procedures,” Fleming says. “So it’s a huge time saver, and it’s improved efficiency, but it also provides accountability.”
The system supports multi-factor authentication, as well as flexibility to securely access the environment remotely. And, as soon as a ticket is closed, it automatically gets wiped, and data can be anonymized.
For companies that don’t have an IT department, or use freeware or Outlook to track their service tickets, TOPdesk’s software – which includes ITSM, enterprise service management (ESM) and facility management – is easy to implement, integrate and customize. It can also help mid-sized companies develop a service desk that provides better support, greater efficiency and higher customer satisfaction.
“Outlook or freeware works fine if you’re the only IT person in the department. But once your team gets bigger, it’s not a tenable solution because it becomes difficult to prioritize the work that you’re doing,” McGuire says. “A professional tool like TOPdesk can help companies with usability, automation and insights. You can run reports and check on KPIs. And all of that will bump up the efficiency of your service desk.”
The relationship doesn’t end after implementing the tool; the TOPdesk team works with customers like Fleming to scale the solution as the firm’s needs evolve.
But McGuire also points to the importance of employee education and training in recognizing, preventing and mitigating cyber incidents, such as learning how to watch out for phishing or baiting scams. Consistent training – such as watching a five-minute video or doing a short quiz each month – can help keep cybersecurity top of mind, while tools such as TOPdesk can provide automation and insights that boost overall security.
