THE ESSENTIAL GUIDE TO CYBER SECURITY FOR OFFSITE EVENTS

Similar documents
External Supplier Control Obligations. Cyber Security

Cyber security tips and self-assessment for business

DIGITAL TRUST Making digital work by making digital secure

Challenges and. Opportunities. MSPs are Facing in Security

A practical guide to IT security

A company built on security

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Cyber Security Stress Test SUMMARY REPORT

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

CYBER RESILIENCE & INCIDENT RESPONSE

Securing Network Devices with the IEC Standard What You Should Know. Vance Chen Product Manager

Ensuring Desktop Central Compliance to Payment Card Industry (PCI) Data Security Standard

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

THE CYBER SECURITY PLAYBOOKECTOR SHOULD KNOW BEFPRE, DURING & AFTER WHAT EVERY DIRECTOR SHOULD KNOW BEFORE, DURING AND AFTER AN ATTACK

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

Cyber Security. Building and assuring defence in depth

Practical Guide to Securing the SDLC

Understanding the Changing Cybersecurity Problem

Are we breached? Deloitte's Cyber Threat Hunting

ACTIVE SHOOTER RESPONSE CAPABILITY STATEMENT. Dynamiq - Active Shooter Response

Best Practices Guide to Electronic Banking

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Trust Services Principles and Criteria

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

Crash course in Azure Active Directory

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

10 FOCUS AREAS FOR BREACH PREVENTION

Internet of Things Toolkit for Small and Medium Businesses

How to Underpin Security Transformation With Complete Visibility of Your Attack Surface

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

Keys to a more secure data environment

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

The hidden cost of smart buildings

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

GLOBAL PAYMENTS AND CASH MANAGEMENT. Security

CYBER SECURITY TAILORED FOR BUSINESS SUCCESS

Security Awareness Training Courses

How to Write an MSSP RFP. White Paper

Application management in Nokia: Getting the most from Company Apps

Secure Access for Microsoft Office 365 & SaaS Applications

Unlocking Office 365 without a password. How to Secure Access to Your Business Information in the Cloud without needing to remember another password.

SECURITY ON PUBLIC WI-FI New Zealand. A guide to help you stay safe online while using public Wi-Fi

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

SECURING DEVICES IN THE INTERNET OF THINGS

Information Security Controls Policy

Security

UNLOCKED DOORS RESEARCH SHOWS PRINTERS ARE BEING LEFT VULNERABLE TO CYBER ATTACKS

White Paper. How to Write an MSSP RFP

Shifting focus: Internet of Things (IoT) from the security manufacturer's perspective

CoreMax Consulting s Cyber Security Roadmap

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

Tips for Effective Patch Management. A Wanstor Guide

Brian S. Dennis Director Cyber Security Center for Small Business Kansas Small Business Development Center

Version 1/2018. GDPR Processor Security Controls

Module 11 Technical Troubleshooting for Restaurant Managers

The Common Controls Framework BY ADOBE

Eliminating the Blind Spot: Rapidly Detect and Respond to the Advanced and Evasive Threat

Network Security Policy

Managing Windows 8.1 Devices with XenMobile

Information Security Policy

STANDARD INFORMATION SHARING FORMATS. Will Semple Head of Threat and Vulnerability Management New York Stock Exchange

Governance Ideas Exchange

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

Reserve Bank of India Cyber Security Framework

CyberArk Privileged Threat Analytics

PREPARE & PREVENT. The SD Comprehensive Cybersecurity Portfolio for Business Aviation

AT&T Endpoint Security

AUTHORITY FOR ELECTRICITY REGULATION

Kaspersky Security. The Power to Protect Your Organization

Keep the Door Open for Users and Closed to Hackers

Security by Default: Enabling Transformation Through Cyber Resilience

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

Hosted Desktop Features & Benefits. Technology House, 59 Washway Road, Sale, Manchester, M33 7AB Support

Juniper Vendor Security Requirements

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

A GUIDE TO CYBERSECURITY METRICS YOUR VENDORS (AND YOU) SHOULD BE WATCHING

Guide to Network Defense and Countermeasures Second Edition. Chapter 2 Security Policy Design: Risk Analysis

SECURING DEVICES IN THE INTERNET OF THINGS

Standard for Security of Information Technology Resources

Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)

Minimize litigation risk Discuss security best practices Review security tools and techniques Identify seven cybersecurity must-do s

Cyber Security Incident Response Fighting Fire with Fire

Cyber Security Audit & Roadmap Business Process and

A Guide to Closing All Potential VDI Security Gaps

IT Service Level Agreement

Go Cloud. VMware vcloud Datacenter Services by BIOS

SRM Service Guide. Smart Security. Smart Compliance. Service Guide

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Position Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED

Cyber fraud and its impact on the NHS: How organisations can manage the risk

Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm

Data Security Standard 9 IT protection The bigger picture and how the standard fits in

Lookout's cybersecurity predictions

Copyright ECSC Group plc 2017 ECSC - UNRESTRICTED

ABB Ability Cyber Security Services Protection against cyber threats takes ability

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Securing Your Salesforce Org: The Human Factor. February 2016 User Group Meeting

BUILT TO STOP BREACHES. Cloud-Delivered Endpoint Protection

Transcription:

THE ESSENTIAL GUIDE TO CYBER SECURITY FOR OFFSITE EVENTS

THE ESSENTIAL GUIDE TO CYBER SECURITY FOR OFFSITE EVENTS You are taking your team offsite for training or a meeting. During this offsite session, you ll need to use your venue s Wi-Fi network and possibly also have a remote connection back to your own network. You ll be accessing your files while in the venue and discussing confidential company information. In any offsite situation, there are important security considerations that need to be made before sharing your data with third parties or accessing external Wi-Fi networks. 1

THE CYBER THREAT AND YOU When it comes to cyber incidents, many experts agree it s not a case of if an organisation will experience an incident but when. It s impossible to achieve impenetrable security in a world of increasingly advanced cybercrime, especially when human error plays a role in many breaches. In light of this, it is important to target your defence to vulnerable areas. A SOFTER TARGET: OFFSITE EVENT AND TRAINING VENUES Third party suppliers can provide a sought after softer target for malicious parties. In fact, according to Deloitte, basic hygiene issues with third parties are responsible for many cyber issues. From hotels to co-working hubs, venues present greater opportunity for incidents due to the sensitive information shared directly with them or via their networks. It s critical the Executive team have comprehensive knowledge of their venues, including the security they offer and the information they have access to. 2

ASSESSING VENUES CYBER SECURITY LEVELS Many venues differ greatly when it comes to IT. With the greater potential for exposure during offsite events, you want to know you re in safe hands when venturing outside your own four walls. Choosing a venue that has invested in their IT infrastructure, utilises comprehensive data security tools, and follows stringent security processes should be non-negotiable. The following is a useful guide of criteria to consider when assessing venues for offsite events: What are the Venue s Data Storage Practices? Before sharing sensitive company information with a venue, Cliftons IT Team cautions there are three questions you should be asking: 1. Where do they store your data? 2. Is this data backed up? 3. What do they do with the data after the event? This could be things like exam papers, training materials or computer images. Is the Venue s Network Secure? It s critical a venue s network is separated to ensure your data is secure when multiple companies are using the same venue. This mitigates risk of compromise during offsite events. It s baseline security, but the question needs to be asked to avoid unwanted surprises. LOOK FOR: Core infrastructure that logically and physically separates individual rooms for security. Is the Wi-Fi Network Secure? Prioritise venues who offer their own fully supported Wi-Fi network. Why? Many hotels lack the infrastructure to offer Wi-Fi internally and do so through a third-party company. This leads to further potential compromises through additional suppliers having access to your data, opening the door wider to threats. At Cliftons, all support is managed by a head office team who resolve incidents internally. ASK YOUR VENUE: Is their Wi-Fi network managed internally? 3

Accessing Your Network OffSite: Important Considerations When hosting training offsite it s common to require access to your own network. You might have employees plugging-in via their personal devices, company laptops, or the venue s computers. (The same applies when employees work from home). For each scenario, there are certain points requiring considerations: Remote Network Connection Options There are a number of options you can use to remotely connect back to your network. These include (but are not limited to) Citrix, Virtual Private Network (VPN), or Remote Desktop Protocol (RDP). For offsite training, a good venue will be able to work with you regardless of the platform you use. Two-Factor Authentication All organisations should be using two-factor authentication for remote network connection. Two-factor authentication provides an extra layer of security for remote access. To login, users must enter a passcode (received by text, email or an app) in addition to their credentials. Less Secure: Personal Devices Personal devices are unknown quantities. When employees access your network from their own device, it opens you up to potential breach. If an employee hasn t installed antivirus software or the latest security patches, their device could be unknowingly compromised. Once they connect to your network, your system can be compromised too. TIP: Lock down your network to only allow access from company devices. If this isn t desirable, set up automated preconnection checks that prevent users connecting unless their device meets certain criteria (such as antivirus and up to date patches). More Secure: Company Laptops Company laptops are a more secure choice for offsite events. Ensure your employees devices have the latest antivirus and security patches. Venue Computer Rooms with a Prepared Image and Firewall VPN For a highly secure combination for computer based events, Cliftons IT team can prepare an image which is deployed to all computers in the room (including the latest security patches and antivirus). A high-level VPN connection is then created, removing the need for users to login with their username and password. 4

When the Worst Happens: How Will Your Venue Respond to an Incident? With impenetrable cyber security unachievable, contingency planning for the worst must be part of any good defence strategy. This applies equally to venues. If the venue network is breached while you re onsite, you need to know how the venue s IT team will respond and how you ll be affected. Questions to ask: 1. Does the venue offer technical support? 2. How are incidents handled and escalated? 3. Do they have an in-house escalation team that can push a fast resolution? 4. What are their SLAs? (i.e. How soon could you expect to be up and running again if something goes wrong?) TIP: Look for a venue that offers all support in-house. Internal IT teams like the Cliftons Infrastructure team know their network like the back of their hand (in fact, they built it themselves!). This removes delays where an external provider needs to be briefed and involved. 5

CYBER SECURITY FOR MULTI-CITY EVENTS Must: Choose a venue that has sites covering as many of the locations you require as possible. Why? Apart from the obvious reasons of having less people to deal with, less number of times to repeat the same set of instructions, and consistent event quality across all venues, it also delivers advantage from a cyber perspective: Less Venues = Reduced Risks Associated with Third Parties Again, limiting the number of venues you share your data with minimises hygiene issues. The more parties you share sensitive information with, the harder it is to keep track of who has access to what. For every company that has access to your data, the greater chances you have of experiencing a breach. Bonus Network Advantages As an added advantage, some venues can arrange multi-room network connections across their venues in different cities. At Cliftons, this means an event happening simultaneously in Singapore, Hong Kong, Sydney and Auckland can be linked seamlessly. SUCCESS Cyber breaches have the potential to cause disruption, time wastage, financial and reputational damage. With a well-planned approach, you significantly improve your chances of a smoothly run, secure event. 6

CONNECT WITH US Ask to arrange a venue tour for you. TELEPHONE AU: 1800 629 088 (free call in Australia) NZ: 0800 629 088 (free call in New Zealand) HK: +852 2159 9999 SG: +65 6591 7999 EMAIL US www.cliftons.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback