How businesses can best balance security and privacy

How businesses can best balance security and privacy

California-based Linh Lam, Chief Information Officer at Jamf, discusses strategies and tools that can best help businesses achieve a balance between successful cybersecurity and respecting customer and employee privacy.

The UK government’s latest Cybersecurity Breaches Survey 2022 found that almost one in three businesses (31%) and a quarter (26%) of charities suffering attacks said they now experience breaches or attacks at least once a week.

A recent survey of UK organizations by PWC found that almost two-thirds of respondents (61%) expect to see an increase in reportable ransomware incidents in 2022. There is a plethora of statistics that we can draw from to tell us that threats are becoming not only more frequent but are more serious and crippling.

Companies must face this reality and adjust accordingly – it is worth remembering that security is only as strong as your weakest link.

We know that cybersecurity threats are exponentially increasing, and that impacts organizations, people and technology. Indeed, with their rising popularity in the enterprise, Apple devices have become a target for those threats, forcing companies to review the strategy and required tools to keep their business safe from security breaches.

Bring Your Own Device (BYOD) programs, which are growing in popularity across the enterprise world, are also at risk of cyberthreats. Therefore, it’s essential for IT admins to ensure the security of these devices while respecting the end-user’s privacy.

To do so, we’ve designed solutions that make it easy for organizations to implement the use of personally-owned Apple devices for work while maintaining user privacy. IT admins are still able to perform critical functions such as locking devices, applying corporate configurations, installing and removing corporate apps, collecting security information from devices and adding/removing restrictions to protect corporate data.

Simultaneously, individual employees’ privacy is protected by blocking admins from activities such as viewing or erasing private data, removing or restricting personal apps, tracking locations and collecting users’ private information.

Whether employees are using personal or company-provided devices, vigilance and control over all devices within a network is essential to combat the challenges that have developed in recent years. As a result, the temptation is to implement widespread, invasive security measures that have strict control on employees’ activity, and monitor their movement using the network, whether on a personal or company-owned device.

However, with this comes a growing problem in the dichotomy between protecting company assets from external threats and the call from employees for their privacy to be protected, wanting their digital activity to be unencumbered by too much oversight and tracking.

Finding a balance between these two seemingly conflicting needs is essential and raises the question of how business leaders find the right balance between ensuring their networks are secure, while also ensuring that individuals’ privacy is respected.

To combat these issues there are a multitude of solutions and here are a few to consider. 

Zero Trust Network Access (ZTNA) enables organizations to provide each employee fast, simple and secure access to any corporate resource, wherever they are. Users benefit from a seamless access experience to the data and apps they need while IT teams have visibility and control of what is being accessed. ZTNA guarantees strong security without lowering productivity or negatively impacting the user experience – a perfect combination for any organization.

Another key component to this equation is threat prevention. Detecting and blocking security threats before they can have an impact on individual devices, or the entirety of the network, is something all businesses should work towards. This requires both a monetary and temporal investment in robust security measures and a varied and rigorous program of threat prevention.

As Jamf works across a number of different verticals, we have created specialized security systems that function best for each sector. For example, we have recently launched our Safe Internet solution for education.

This is especially poignant given that students spend nearly twice as much time online as they have previously, and increasingly need Internet access for research and connectivity with alternate learning models. Enforcing acceptable usage policies with best-in-class network threat prevention and content filtering features allows students to learn safely anywhere.

These are just some of the solutions that can work to tackle the issues at hand. However, as the threats evolve and become increasingly sophisticated, the way that we protect companies under attack will have to adapt to keep up. We work constantly to develop our offerings to reflect this, using research and feedback to help us along the way.

Browse our latest issue

Intelligent CISO

View Magazine Archive