Wavelink Blog

Why new data breach laws may only be the tip of the iceberg for Australian SMEs

While Australia has already mandated remedial action against data breaches with the Notifiable Data Breaches (NDB) scheme coming into effect in February 2018, there may be more to follow and businesses must act now to prepare, according to Wavelink.

The laws being implemented overseas are far more stringent than those in Australia. The European General Data Protection Regulation (GDPR), being introduced in 2018, means that an organisation could be fined up to the greater of €10 million or two per cent of its annual revenue for failing to comply with the notification provision. (1)

Hugo Hutchinson, Wavelink’s national business development manager for Fortinet, said, “Standards implemented in Australia are often based on global and international initiatives. Irrespective of what happens in the future, small and medium-sized businesses (SMEs) must act now to plan for the NDB scheme, as it would be naïve to think this won’t be ramped up over time.”

Protecting against data breaches is essential for SMEs, many of which go out of business within six months if they face a data breach. According to the U.S National Cyber Security Alliance, 60 per cent of small companies are unable to sustain their businesses over six months after a cyberattack. (2) This means some type of security strategy is crucial to the business’s ongoing sustainability.

Many SMEs lack the resources to a take comprehensive security stance. But, despite a lack of in-house skills or budget, it is important that they at least start with the basics.

According to McKinsey & Company, one myth surrounding cybersecurity is that more advanced technology translates to stronger security. Cybersecurity teams often use powerful, cutting-edge technologies to protect data and other corporate assets but many threats can be mitigated using less-advanced methods. (3)

Hugo Hutchinson said, “There is no longer any excuse for SMEs to do nothing. Vendors are constantly working to offer scalable solutions that are accessible to every size business. SMEs should start by implementing a basic firewall and then work with a partner to create a 12- to 24-month plan to get security up to where it should be, and then review it regularly to stay on top of changes in the threat landscape.”

References:
(1) https://www.lexology.com/library/detail.aspx?g=8185429b-c98d-484a-9fce-890606c42804
(2) http://www.denverpost.com/2016/10/23/small-companies-cyber-attack-out-of-business/
(3) https://www.mckinsey.com/business-functions/digital-mckinsey/our-insights/hit-or-myth-understanding-the-true-costs-and-impact-of-cybersecurity-programs

Key components of a cyber security program in schools

The school environment is commonly viewed as an easy target for hackers, making it critical for schools to bring their cybersecurity programs up to speed or risk a serious breach, according to Wavelink.

Two major breaches have occurred in Australian schools this year and these attacks will continue to increase as schools are targeted with phishing, ransomware, and DDoS attacks. (1)

Hugo Hutchinson, Wavelink’s national business development manager for Fortinet, said, “A cybersecurity program in schools is no longer optional with all signs pointing to an increase in attacks over the next few years.

“It is important that principals, and the board, take a leadership approach to cybersecurity. Much like CEOs have been held to account in the business world, the same will be a reality for principals who are seen to do nothing when it comes to protecting private data in schools.”

Key components of a cybersecurity program in schools include:

1. Technology. Schools need to implement technology such as firewalls and network tools to monitor the environment. Network visibility will provide important information on breaches as well as on what students are doing on the Internet. Schools should extend security to students’ home environments by implementing client software, which applies the same security policies at home as it does at school.

2. Patch management. Security technology is constantly being updated and patched by vendors. It is important that, no matter what security software is in place, the school keeps up to date with patch management.

3. Reporting. The right reporting tools will provide the right information in the event of a breach such as which files have been compromised. This will help schools get on top of a breach faster.

4. Content/web filtering. Content/web filtering is essential in a school environment to protect the children by preventing access to unsecure or unsuitable online content.

5. Education and awareness. Cyber education is important for teachers and students. They should be aware of the policies and what to look for, and what to avoid, when using the network.

 

Reference:

(1)    https://www.schoolgovernance.net.au/2017/06/01/two-major-privacy-breaches-in-victorian-schools-paw-messages-more-relevant-than-ever/

Why IoMT is putting healthcare facilities at risk

The rise of digital healthcare and technological advances such as the Internet of Medical Things (IoMT) is critical in creating better services and experiences for patients. However, these technologies also put healthcare facilities at considerable risk, according to Wavelink.

Hugo Hutchinson, Wavelink’s national business development manager for Fortinet, said, “Wireless connectivity and IoMT improves productivity, responsiveness, and patient resolution.

“However, a breach in security can cause loss of confidential patient information and even put lives at risk. Hospitals and other healthcare facilities are a major threat vector at the moment, and are ripe targets for ransomware, DDos attacks, and IoMT breaches.”

While many facilities might not have the resources in-house to address their security concerns effectively, they can find a partner that can walk them through the journey. The right partner can guide the facility in making important decisions about how to manage and segregate the network to minimise the risk. For example, there should be different access levels and credentials for doctors, nurses, patients, and third-party visitors such as maintenance contractors.

Hugo Hutchinson said, “The security environment must include technology, governance, and awareness. Facilities should look for a partner to a conduct a cyber threat assessment so they know where they are today from a security risk perspective and have the information they need to get to an acceptable risk level in the next 12-24 months.

“In addition, consider reaching out to other similar organisations to understand what they are doing and even look at resources such as Essential Eight Explained and Internet of Things Security Guideline to see how they can help. Not everything is a cost, and there are many free resources to get started with.”

Spectralink Roadshow | Thanks for coming

Wavelink would like to thank all those who attended our Spectralink roadshow and we hoped that it was informative and worthwhile for you as it was for us.

If you have any follow up questions about any of the topics that were covered, please feel free to contact your channel manager for more information.

IMAG1645

IMAG1647

Spectralink Applications Demo | Duress Button – Code Black

In this video, we will demonstrate an emergency duress situation, using a Spectralink 8400 series handset, a Spectralink PIVOT:SC handset and SERIA by Olinqua.

If you have any questions about duress or Spectralink handsets feel free to contact us at sales@wavelink.com.au
http://wavelink.com.au/ 

The Biggest Little Phone System

Unlike “The Little Engine That Could,” there is no need to chant, “I think I can, I think I can…” when it comes to overcoming seemingly insurmountable odds – especially when it comes to choosing a more powerful phone system.

The smallest (in stature only) on-premise appliance that Digium recently released, the Switchvox E510, might be small but there’s no doubt about it.  It slays the competition.

Especially in the lower side of the SMB spectrum, small businesses have had difficulty finding an affordable phone system that isn’t limited in functionality, features, or usability.

 

Choosing a Phone System That Performs for Your Business

In the past, the “choices” of these budget-savvy business shoppers have been generally relegated to buying a phone system that is cheap, but as a trade-off you:

  • lose functionality,  such as the ability to work receive calls remotely, just as if you’re in the office
  • accept limits on features, such as a only being able to use a ring-all call queue or hunt group that can only have 5 phones in it and has no options for things like custom music on hold, or announcements for those waiting
  • get stuck with phones that are hard to use, interfaces that are not intuitive, or have a system that is not manageable by non-VoIP telephony experts.

Powerful and Affordable

But that’s all changed.  Just introduced on August 1, and now available, is the more powerful Switchvox E510 appliance. When it’s bundled with the award-winning Switchvox software, small businesses get all the enterprise-class, fully-featured, and advanced (yet simple) functions of its powerful enterprise brethren, but at a cost even the smallest of businesses can afford.  And though it’s an appliance that can essentially fit in the palm of your hand, it’s powerful enough to let your business enjoy multi-tiered Auto-Attendants, Visual Voicemail, Mobility options (such as advanced Call Rules), softphones and Call Queues with full functionality.

If you haven’t seen it already, check out our overview video that features the E510 as well as the other appliances in our new lineup. Let us show you how Switchvox can reinvigorate and optimize how your business communicates.

How the Channel can Facilitate the Security Journey for Organisations

When it comes to security, the channel plays an important role in helping organisations navigate their journey. Channel partners can help raise awareness and help customers plan to comply with new mandatory data breach reporting requirements, according to Wavelink.

Hugo Hutchinson, Wavelink’s national business development manager for Fortinet, said, “Organisations are constantly looking to technology to support business outcomes and drive business growth. To do this, they require partners that can support, manage and accelerate this. Security is an important part of this.”

To be successful the channel needs to be able to facilitate security conversations with all levels of business leadership, from the CEO to managing directors and CIOs. This requires a terminology change that is less about technology and more about mitigating risk, and supporting organisational goals.

Hugo Hutchinson said, “To do this the channel needs be up to speed with the current security and threat environment, and have regular training. All of this will help the channel communicate to organisations the importance of security investment in such a way that organisations will be receptive and willing to prioritise it.”

This is where vendor and distributor relationships are so important.

Hugo Hutchinson said, “As an extension of the vendor, distributors play a critical part in relaying information to resellers so they stay up to date, are aware of product, service and market changes, and receive training. For Wavelink, taking a multi-pronged approach to helping channel partners ensures that it is helping them assist customers in reaching their security goals.

“Through investment in in-house expertise to facilitate reseller growth, information sharing, workshops, webinars and promotions, Wavelink is proactive in ensuring its resellers are trained and upskilled in security to drive conversations with customers based on their understanding of organisational challenges and requirements in today’s complex security environment.”

-ENDS-

About Wavelink
Wavelink specialises in the supply, marketing and support of a range of leading edge technology solutions for the mobile enterprise.  Wavelink distributes a range of products from Spectralink, Fortinet, Spok, Olinqua and Digium. For more information please contact Wavelink on 1300 147 000.

 

Healthshare NSW & eHealth NSW Expo 2017

Thanks for a great time at Healthshare NSW & eHealth NSW Expo 2017

20170803_144608

20170803_135455

DSC00919-crop

20170803_124657

 

 

Why security awareness programs for employees are critical in securing organisations

The rise of digital organisations, and the interconnectedness of devices to organisation’s networks is undoubtedly creating security risks. However, what many organisations don’t realise is the important role employees play in mitigating this risk.

Manuja Wijesekera, pre-sales solutions architect – Fortinet, Wavelink, said, “Given the explosion of hacking related security outbreaks in the past couple of years and the damage it can do to organisations, it is becoming more important than ever to remember that no matter what technology or security measure is in place, more often than not employees are the first line of defence. It is therefore important to take a multi-dimensional approach to protect your organisation.”

Ransomware, CryptoLocker, DDoS, and botnet attacks are increasingly commonplace in the corporate world.

Manuja Wijesekera said, “Whether it’s mistakes, a lack of understanding of what a suspicious email or content looks like, connecting unsecure devices to the network, or even inside threats from disgruntled employees, organisation’s are regularly being put at risk.”

Organisations need to mitigate this by making employee engagement part of their workplace culture. This includes making it a part of the onboarding and induction process as well as running regular security programs and awareness campaigns throughout the year. It is also important to make sure security teams are certified wherever possible.

Manuja Wijesekera said, “Employee mistakes are a common cause for security breaches and hackers are using the emotional aspect when trying to entice us to click on a link or open an infected file, hence the need for organisations to foster an environment where an employee can ask questions without being reprimanded or ask for help if they think they’ve made a mistake that might have put sensitive data at risk.”

For small to medium-sized businesses in particular, which may lack the dedicated resources for security, there is a very real possibility they are setting themselves up for a breach.

Manuja Wijesekera said, “The other issue is that many smaller organisations are not willing to invest at all until they have suffered a breach, which is often too late. Their network may even have already been penetrated without them knowing it because they don’t have the systems in place to track it.

“For larger organisations this is less of an issue because security has become a boardroom discussion, and CEOs and other high-level executives are being held to account when it comes to protecting sensitive information.

“Ultimately, all organisations need to look at making security part of their overall culture, and move away from the notion that having a single security device at the edge will make them secure. They should look for solutions and partners that can offer a fabric of security technologies with the importance given to technologies that are able to share intelligence. They also need to have a good governance program in place to maintain and monitor security in real time and an awareness program that includes all employees.”

Join our Online Discussion Panel about the Importance of Cybersecurity for K-12 Schools

webianr-fortinet-geelongCC-WL

K-12 schools face ever-increasing challenges in managing increasingly complex network security threats. While it’s key for schools to have the latest security and networking technologies, limited budgets can make it seem impossible to purchase and then find the resources to manage them.

Schools needs solutions that reduce complexity with end-to-end network and wireless access security, saves IT resources with centralised security management for endpoint, firewall, wireless, and WAN connectivity and provide comprehensive security across threat vectors.

Join Ashley Walters from Christian College, Geelong, Haris Chaudhry from Fortinet and Wavelink’s Manuja Wijesekera and Hugo Hutchinson in a panel discussion on ‘End to End Network Security for K-12 Schools‘.

RegisterNow-RedButton

 

Recent Articles

Archives