Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Data security during load shedding

Issue 2/3 2023 Information Security, Power Management

Everything is going fine, but then the power cuts out. No problem, your employees have laptops, and backup systems keep PCs running. But what about your data? What steps have you taken to ensure your business information and application services remain available when load shedding strikes? And did you also cover your security?

When data and applications become unavailable, work stops. Load shedding has made this balance much harder to maintain, and many companies might start cutting corners in their security to ensure productivity. They are taking a significant risk.

"Today's digital businesses must balance access to their systems with hybrid workers, 24/7 availability and ongoing security. Throw in frequent power failures and they need to start making tough choices. It becomes tempting to make choices that focus on availability and sacrifice security features, which is understandable, but they should be careful because cybercriminals can exploit those shortcuts," says Gerhard Swart, CTO at cybersecurity company, Performanta.

Load shedding puts every organisation's security under pressure. According to Swart, there are five key considerations you should take into account to avoid trouble while keeping your systems online and your business cyber-safe.

1. Users log in from different areas and at different times

Modern cybersecurity depends on predictable user behaviours, particularly zero trust security that scrutinises the locations and times of people logging in. Load shedding causes big swings in when and where people decide to access systems, and criminals exploit this confusion. Companies should implement multi-factor authentication to reduce problems with hacked accounts and enlist threat-detection services to catch unusual behaviour.

2. Data centre providers are not impervious

Third-party data centres invest considerable resources to provide power generation and protection against surges. But these measures can still fail, and all organisations must have data loss protection plans. These plans include backup services and failover contingencies, such as a secondary live data site duplicated from the primary data centre.

3.Productivity pressures can derail backup/recovery security

When users need to access data or applications, it should happen quickly, or their productivity will suffer. Speed is essential for ready access to digital assets. But such productivity demands often lead to cutting security corners. This is a dangerous compromise and should be avoided. Create clear, flexible backup and recovery processes that maintain key features such as zero trust security and encryption.

4. Password sharing and weak passwords are more widespread

Hybrid working has encouraged some bad security habits to grow, such as weak passwords, reusing passwords and sharing passwords. Even though passwords are not a great solitary defence, they still form part of a robust security posture and good security hygiene. Poor password habits have dual adverse effects: they undermine security culture and weaken security measures. Load shedding amplifies these bad habits. Create a clear password policy, scan for duplicate passwords, and consider providing a company-supported password manager.

5. Criminals can exploit load shedding anxiety

One of the most significant risks from load shedding is the anxiety and panic it causes. Criminals can use these emotions in phishing attacks such as an email offering a super-cheap, high-end power supply (act now or lose it forever!). Users click on the link, thinking they will get a special deal, but they instead allow malware onto their system. Ensure your people are updated on their security hygiene, inform them to watch out for these attempts, and use periodic testing to demonstrate how an attack could happen.

Load shedding amplifies many risks around technology. Most of these are apparent, such as providing backup power. However, it’s important not to overlook the problems it creates for data and applications. Speak to an experienced digital business security provider to ensure your environment balances security and productivity when the lights go off.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

A strong cybersecurity foundation
Milestone Systems Information Security
The data collected by cameras, connected sensors, and video management software can make a VMS an attractive target for malicious actors; therefore, being aware of the risks of an insecure video surveillance system and how to mitigate these are critical skills.

Read more...
Surveillance and cybersecurity
Cathexis Technologies Information Security
Whether your business runs a security system with a handful of cameras or it is an enterprise company with thousands of cameras monitoring sites across a multinational organisation, you must pay attention to cybersecurity.

Read more...
Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Read more...
What are MFA fatigue attacks, and how can they be prevented?
Information Security
Multifactor authentication is a security measure that requires users to provide a second form of verification before they can log into a corporate network. It has long been considered essential for keeping fraudsters out. However, cybercriminals have been discovering clever ways to bypass it.

Read more...
SA's cybersecurity risks to watch
Information Security
The persistent myth is that cybercrime only targets the biggest companies and economies, but cybercriminals are not bound by geography, and rapidly digitising economies lure them in large numbers.

Read more...
Cyber insurance a key component in cyber defence strategies
Information Security
[Sponsored] Cyber insurance has become a key part of South African organisations’ risk reduction strategies, driven by the need for additional financial protection and contingency plans in the event of a cyber incident.

Read more...
Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Read more...
Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Read more...
Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

Read more...
The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.