European Trade Fair for Machine Technology, Equipment and Supplies for the Wood Crafts

29 March - 1 April 2022 // Nuremberg, Germany

HOLZ-HANDWERK Newsroom

Compulsory exercise in crafts: Living cyber security

© NürnbergMesse

With (almost) nationwide networks, flat rates and high-performance mobile devices, you can surf the internet anytime, anywhere. In addition, smartphones and tablets are superior to standard PCs in terms of performance.

The question is, whether, in this context, the topic of cyber security is keeping pace in your craftsman company? Appropriate precautions and measures to protect and secure devices, networks, data and connections, to update operating and security systems, and to authenticate users are not freestyle, but mandatory.

Therefore is a need for a cyber security strategy that should be based on the following aspects:

Smartphone and co. must be protected against hacking, viruses, computer worms, trojans, spam mails, etc. And because this is neglected in many cases - often due to ignorance or a lack of technical expertise - every data thief is rubbing his hands. All mobile devices must therefore be protected with user IDs and passwords. Appropriate technical precautions make password entry unavoidable for the user and thus create initial protection in the event of theft or loss. Remote wiping of data and locking of hacked devices already provides good protection of data and identities on the device.

Employees should be regularly trained and sensitized to the topic of cyber security. They must know that certain activities facilitate the "work" of hackers and data thieves. Consequently, it should only be possible - if at all - to use public wifi without a VPN with restrictions. It must go without saying that links and attached files in mails from unknown users are not clicked on.

Keeping operating systems up to date should be as much a matter of course on mobile devices as it is on PCs or in networks. The IT manager or IT service provider must therefore ensure that all devices used in work are always equipped with the latest updates. 

It makes sense to encrypt all data, no matter where it is stored. With the power of today's information technology, this is not a problem and greatly improves security because outsiders cannot access stored content and identities.

The digital identity clarifies who accesses or is allowed to access which data and services and when. This is why "identity and access management" (IAM) plays an important role in an holistic security concept. IAM makes it possible to track exactly which users need which rights for systems and applications, and how they use these rights on which devices.

Cyber security does not end after work

If employees are also allowed to use company mobile devices for private purposes or use their private smartphones and tablets for work purposes, then a separation of private and company data must be ensured with the help of security containers. This is easier on company-owned devices than on private ones. Technically, this is not a problem either. You just have to want to implement it.

Conclusion

Don't make the topic of cyber security the "buzzkill" of digitization! But make absolutely sure that the security solutions you use adress both your business needs and the current and future requirements of digitization.

top