Consequences of the pandemic
In the aftermath of the pandemic, two related arguments have emerged:
- Attacks on data security,
- Working from home.
In fact, there is an increased incidence of attacks, especially via e-mail, seeking to exploit the anxiety linked to the pandemic.
These attacks may involve replacing the identity of the sender, thanks in part to the theft of credentials, in order to create a semblance of reliability.
In addition, many people work from home, making it more difficult to keep connections and systems secure.
There are many checklists and materials on how to address these challenges. It may be useful to set some guiding principles for choosing between the various alternatives.
Any solution should be clearly explained to users, so that they can use it consciously, with beneficial effects on compliance with applicable legislation on the protection of workers’ and third parties’ personal data.
The key aspects of the technical and organisational adequacy of the chosen solutions should be clear, especially in terms of international data transfer, the type of encryption adopted and access controls.
Examinations should be carried out to highlight possible vectors of attack and to address possible vulnerabilities.
The simpler the solution, the less chance of error or forgetting; niche cloud solutions can be less exposed than mainstream public clouds and allow more efficient and personalized management.
Advanced Artificial Intelligence-based protection can provide a more understandable and participatory experience of threat detection and defense effort, abstracting technical details that only insiders can understand.