“It’s not me, it’s you…and you need help”

The Australian Prime Minister’s decision to go public on the cyber threat to Australia helped draw attention to recent advice from the Australian Cyber Security Centre (ACSS) about the routine housekeeping that businesses and organisations across the country should be doing to reduce the risk of a security breach. 

In Scott Morrison’s own words, he stood up in front of the media to, “raise awareness of this important issue and to encourage organisations to take EXPERT ADVICE and implement TECHNICAL DEFENSES to thwart this malicious cyber activity.”   

The ACSS noted that because all the exploits used by the “attacker” had patches or mitigations already available, it was a reminder to organisations to ensure their systems were kept up to date with any fixes promptly installed.  And it reaffirmed the essential advice that Multi-Factor Authentication (MFA) should be switched on across all remote-access services. This is basic cyber hygiene. 

 

 

Cyber attacks put private enterprise and small businesses in the spotlight 

The wake-up call is timely: while government and military systems are already likely to have tight defences, Australian security agencies are well aware of potential weak points in businesses, academia and other organisations that hold troves of information that could be valuable to a hostile intelligence service.  

Your security posture is an insurance policy 

Working on a recent RFP, I noticed the typical Insurance and Liability compliance sections, but also another kind of ‘insurance’ requirement. The world has changed, and businesses are getting savvy.  A new section of the RFP included questions around our business’ IT security posture.

This went right down to the way our laptops and mobiles are managed. COVID19 has pushed everyone out of the office security ring fence or firewall to our homes and insecure WIFI’s, BYO devices, etc.  So, as a service provider, we need to have our own house in order. 

 

How Mobile Mentor have been prepared 

Fortunately for us, we had already made the move.  We are required to be government security certified for our services, so we need more than just basic security hygiene.  We migrated to full cloud management (Modern Management) from the traditional SOE configuration some time ago. 

Our organisation is spread out globally. It was not viable to bring devices to our NZ “headquarters” to configure and ship to the USA or Australia or to have global (and slow) VPNs to the bottom of the globe.  The change brought simplicity of management to our IT team and much greater security compliance for our customers’ peace of mind.  

We have also deployed additional, more advanced, security software such as Mobile Threat Defence to our mobiles and Password-less authentication in Windows 10 to ensure customer data and our own information is safe from phishing and other cyber-attacks. 

The Australian PM’s press conference went on to talk about cyber threats increasing in frequency, sophistication, scale and impact on all organisations. 

 

So how can you protect your organisation?

Installing the latest security patches and turning on Multi-Factor Authentication isn’t always as easy for most organisations with a complex IT environment – iOS, Android, Windows 10, macOS, VPN’s, AWS, Azure, on-prem applications, etc.  If it were easy the Australian government would not have felt compelled to spell it out so publicly.  Mobile Mentor can provide the expertise that you need to get the basics in place and stay ahead of the cyber security race. 

If you would like to speak to one of our security engineers, please contact us. We’ll be glad to meet with you for some free advice. 

We have several services designed for businesses who want to become more secure, such as our Intune Security Baseline or Intune for Windows services. 

Microsoft Intune is a part of Microsoft Endpoint Manager and provides the cloud infrastructure, the cloud-based mobile device management (MDM), cloud-based mobile application management (MAM), and cloud-based PC management for your company.