How has the Technological Stratosphere Changed?

Over the last five years or so, the use of social media tools has increased manifold. Even though the quality of cyber security tools has improved, but due to lack of awareness on the end-user part and an increment in new users of social media, the security of the end user has become even more challenging, complex, and difficult. The end user’s comprehension and understanding of the ‘security aspect’ hasn’t improved that much. Which in result, comprises their personal aspects and if they work for an organisation, then that organisation as well.

Social media users are adopting security with awareness, educational portals, corporate trainings etcetera, but they are largely ignorant of importance of their data, the data they publish and the trails they leave behind, including their personal life and online habits, so called personalized marketing by social media provides. This trail of data can be used in multiple forms both for their good and their bad. A novice user is not literate enough to understand the implications brought on by the social media platforms and their personal and corporate security. 

Tech companies with technological advancements within social media applications, operating systems, and networks has made an effort to address security issues within their own domains. But, the security of consolidated environment, infrastructure and its implementation was and is with the technology team of every organisation.

Despite efforts this ‘technology usage VS security’ gap will continue to grow. A simple example can help explain the dilemma.

An elder or business executive starts using a social media app. Let’s say he starts with the Facebook app. He may plough his way into learning and using the app’s interactive interfaces, however, he is completely unaware of the security threats attached to those interactive features. 

Today’s user is giving away vital information, which is required for authentication by financial institutions, social media platforms, and corporate accounts. They click the links which they shall not click, visit the sites from their corporate network and the list goes on and on, compromising the entire corporate security.

Solution Approach

An end-user is not a technology wizard and will never be. New social media tools, more users, and the security of an entire organisation will be left to the weakest link. Sending out memos and alerts does not shift the responsibility from tech to business. So, awareness alone will not solve the problem.  

It needs to be addressed by the technology team. The tech team must design and develop the infrastructure which is capable of sustaining end-user mistakes. The infrastructure which has the resiliency to withhold attacks, complexity for an attacker to roam around, detection of compromise (if any) capability, protection of vital data, and remedial measures to get out of it quickly.

This should be achieved by layered design and appropriate tools at right levels with built-in complexity.

Wasslam,

TM