Cyber security should be front of mind for your integrations. Here's why!
With cyber attacks on the rise and an ever increasing compliance burden due to new laws and regulations around data management and privacy, cyber security is front and center for most Boards.
Scroll to next sectionThe increasing frequency, creativity and severity of cybersecurity attacks led the World Economic Forum to announce in 2020 that they pose the second risk of greatest concern for businesses globally over the next 10 years [1]. Just in Australia alone, the Australian Government estimates that cyber security incidents are costing Australian businesses up to $29 billion per year, with cybercrime affecting almost one in three Australian adults in 2018.
Whilst we work legally with technology and aim to help businesses leverage technology as efficiently and securely as possible, on the counter side, cybercrime is now estimated to cost the world $6 trillion yearly, making it more profitable than the global illegal drug trade [2].
The reason we are emphasising this point is so that it is clear to all that, any time you connect a device to the internet, or share your data with a service provider to help you, you must expect that these devices/systems are under constant scrutiny from malicious actors, being scanned continuously for weaknesses (we call vulnerabilities) that may give them an edge to take over this device and launch further attacks against your business or your data. They are making a lot of money, are very skilled, and work 24x7x365.
Performing integrations in-house
If you decide to perform data integration in-house, our other blog discussed some better practices for this and some pitfalls to watch out for. Security is one of these.
In a nutshell, you will need to setup a suitable and secure environment/ resources to facilitate the data exchange. If data exchange is handled manually, this normally means that copies of potentially sensitive data (that were stored in the SaaS platforms) are now sitting on desktops, personal folders or elsewhere in your organisation. The security of these storage locations needs to be managed carefully.
This means that in both cases, you are increasing your ‘attack surface area’, with more devices or places you are storing data that you will need to protect from cyber threats.
Security of service providers
As a managed service provider, we know that we will be targeted by malicious actors. Cyber criminals have focused a lot of their efforts on companies that provide managed services since, if successful, this normally gives them the “keys of the kingdom” to target a multitude of companies in one go.
Security of Harmonizer
At OrangeMason, we have a deep understanding how these attacks happen and what cyber security practices (aka controls) should be implemented to mitigate this risk of this occurring. Realistically, it is not always possible to prevent such attacks, but these can be detected and responded to before this has a serious impact on our services, and your integrations.
We take seriously the trust that is placed in us to offer this managed service. Everything we do, from the infrastructure we use, to the people and processes we use for provisioning, monitoring and on-going development of our integrations, are wholly included within the scope of our ISO 27001 certifications.
So, as we discussed in our previous blog about working smarter, rather than managing integrations and the cyber risks they pose in house, let us take care of the integration for you. We will continuously monitor and react to the changing cyber threat landscape to maintain your integration as securely as possible, so that it is truly ‘worry-free’ for you.
[1] World Economic Forum Global Risks Report 2020
Image by Prettysleepy from Pixabay