Managing security from different endpoints and protecting company data when employees are working remotely are key vulnerabilities for almost half of New Zealand businesses, a new survey from HP shows.
The study shows that about 45 per cent of Kiwi businesses are not confident they could cope if their firms encounter a significant cyber security breach. Only 50 per cent of respondents said they could.
The HP New Zealand IT Security Study, conducted in September 2018, surveyed 434 small-to-large businesses across the services, production, retail and hospitality, health and education, and distribution industries about their security practices.
Grant Hopkins, managing director of HP New Zealand, said organisations need to be vigilant about implementing processes that regularly monitor, detect and report data breaches.
“The consequences of a data breach are severe; from financial to brand and reputation damage,” Hopkins said. “Running regular risk assessments and managing your endpoint security is critical in keeping businesses data safe.”
The study shows that traditional security measures and antivirus programs are becoming less effective as more New Zealanders work remotely, use personal devices in the workplace and work in public spaces. Sixty per cent of businesses regularly allow remote working (and remote access to company data) but only 42 per cent of them have a security policy in place.
According to HP, without embedded security measures like real-time threat detection, automated monitoring, and data encryption, printers are left open and vulnerable to attack. Not only does this make the confidential and sensitive documents that are printed, scanned and copied by the printer easily accessible for hackers, but risks the entire network being hacked, while bypassing the firewall altogether.
“Endpoint security – at the device level – is critical,” Hopkins said. “Organisations tend to rely solely on third party software security to protect their devices when, in reality, stronger and better business security must be integrated into the device itself.”
“With hackers able to bypass traditional network perimeter security and antivirus programs, it’s time we scrutinise a hardware’s security as closely, if not more, than our external security solutions.”