Create a secure IT environment for your employees

People act in different ways with data security at work and at home. Often, they assume that their employer's infrastructure is protected, so they do not feel obligated to take precautions or responsibility for security in the workplace.

Placeholder

People act in different ways with data security at work and at home. Often, they assume that their employer's infrastructure is protected, so they do not feel obligated to take precautions or responsibility for security in the workplace.

But at the same time, the use by employees of their own personal devices to access business applications and cloud services, along with remote working has increased the risk of exposing a company’s infrastructure to attack.

So, a combination of increased usage of personal devices and employee attitude to data security makes it difficult for the IT department to manage IT security in the workplace.

Organization’s need to create an environment that is productive for its workers, while safeguarding IT security and data protection.

It’s important to elevate employee awareness of the IT security threats to their organization. In a world where mobility, flexibility and working remotely have become an everyday occurrence, this is absolutely fundamental.


Awareness prevents problems

Companies and organizations need to invest in raising the awareness of their employees of their IT security responsibilities. This requires both education and IT strategies formed with the employees’ behavior in mind.

It is the employer’s responsibility to have in place the right tools, processes and safeguards, but employees also need to use them. The better you know your network and its limitations, the easier it is to identify threats.

Some important considerations

The better you map your infrastructure and its limits, the easier it is to predict and prevent risks. The following is a list of ways to address that:.

  • Identify threats to data protection and privacy
  • Focus on employee awareness regarding data protection, and the risk of visibility into the cloud
  • Take action to ensure you have qualified IT security staff
  • Understand that traditional security tools may not work as effectively as before with the unique challenges they face
  • Maintain strong password security along with a proper password policy
  • Keep all your software upgraded and updated
  • Encourage a collaborative IT culture that spots vulnerabilities before anybody else does
  • Provide employees access to the systems and data that they need but not to everything
  • Back up your data regularly
  • Learn about the impact of new regulations such as the EU’s new data protection regulations (GDPR)

A security environment that never becomes an obstacle

When employees feel burdened by security solutions, they find shortcuts. Therefore, it is difficult to create passwords that are secure. The modern way of ensuring security is to replace the passwords with two-factor login based on Public Key Infrastructure (PKI). It provides much stronger authentication than just passwords. At the same time, the user experiences a simple way to login that increases productivity at work.

The user is identified with certificates stored on smart cards or other certificate carriers. The card is issued together with a PIN and can today be used to log in to several system environments - computer, domain, cloud, mobile and tablets.

The same card can also be used as an ID card, access key to premises, means of payment, for protected prints at shared printers, and much more. When the card is removed, the account can not be hacked. When the user is logged in, all communication between users and systems is automatically encrypted.

In Sweden and Scandinavia, as a region we are world leaders in using smart cards, and are now developing next-generation solutions to meet the demands for increased mobility.

An important fact is that you can trust your smart card to deliver a secure digital identity for your mobile phone, computer or tablet. The methodology is similar to the mobile phone BankID and opens up many opportunities and increased platform independence.


E-identity for public sector

SecMaker, together with Inera and the Swedish Social Insurance Agency, have developed a new solution called E-identity for the public sector, Efos.

SecMaker created a joint infrastructure for all organizations in the public sector. Efos replaces Inera's previous authentication solution, SITHS and Swedish Social Insurance Agency's MCA. The service is being launched in autumn 2018, and SecMaker will deliver a new management tool and client program to the new identification service.

The delivery involves four significant parts:

  • A client program to read and manage certificates.
  • A modern interface for administration of smart cards and certificates.
  • A platform for mobile work.
  • Tools that make it easy for application suppliers to add support for smart cards and certificates.

The new solution provides a common standard for IT security in the public sector, while providing secure and flexible mobile authentication. A common infrastructure and joint technology will strengthen cooperation between municipalities, regions and authorities.


How to comply with the new GDPR regulations on data privacy

On 25th May 2018, the European General Data Protection Regulation (GDPR) came into force designed to unify data privacy laws across the EU. It provides EU citizens more control over their personal data and how organizations must manage and protect the data that they collect. A breach of the regulations could mean severe penalties with fines up to 20 million EUR or 4% of annual global turnover.

According to new research, as many as 74 percent of IT security practitioners say that complying with the GDPR will have a “significant negative impact” on their organizations.

SecMaker has solutions that make it easier and safer for our customers to meet the requirements of the new regulation. We provide data security with smart cards and other certificate carriers and have over twenty years experience and nearly two million users.

With Net iD, we provide products and services that guarantee high data security with the market's most qualified solutions for secure and easy login, which also ensures authentication, encryption and digital identification.

Share this article

Related

Net ID logo