Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Data security during load shedding

Issue 2/3 2023 Information Security, Power Management

Everything is going fine, but then the power cuts out. No problem, your employees have laptops, and backup systems keep PCs running. But what about your data? What steps have you taken to ensure your business information and application services remain available when load shedding strikes? And did you also cover your security?

When data and applications become unavailable, work stops. Load shedding has made this balance much harder to maintain, and many companies might start cutting corners in their security to ensure productivity. They are taking a significant risk.

"Today's digital businesses must balance access to their systems with hybrid workers, 24/7 availability and ongoing security. Throw in frequent power failures and they need to start making tough choices. It becomes tempting to make choices that focus on availability and sacrifice security features, which is understandable, but they should be careful because cybercriminals can exploit those shortcuts," says Gerhard Swart, CTO at cybersecurity company, Performanta.

Load shedding puts every organisation's security under pressure. According to Swart, there are five key considerations you should take into account to avoid trouble while keeping your systems online and your business cyber-safe.

1. Users log in from different areas and at different times

Modern cybersecurity depends on predictable user behaviours, particularly zero trust security that scrutinises the locations and times of people logging in. Load shedding causes big swings in when and where people decide to access systems, and criminals exploit this confusion. Companies should implement multi-factor authentication to reduce problems with hacked accounts and enlist threat-detection services to catch unusual behaviour.

2. Data centre providers are not impervious

Third-party data centres invest considerable resources to provide power generation and protection against surges. But these measures can still fail, and all organisations must have data loss protection plans. These plans include backup services and failover contingencies, such as a secondary live data site duplicated from the primary data centre.

3.Productivity pressures can derail backup/recovery security

When users need to access data or applications, it should happen quickly, or their productivity will suffer. Speed is essential for ready access to digital assets. But such productivity demands often lead to cutting security corners. This is a dangerous compromise and should be avoided. Create clear, flexible backup and recovery processes that maintain key features such as zero trust security and encryption.

4. Password sharing and weak passwords are more widespread

Hybrid working has encouraged some bad security habits to grow, such as weak passwords, reusing passwords and sharing passwords. Even though passwords are not a great solitary defence, they still form part of a robust security posture and good security hygiene. Poor password habits have dual adverse effects: they undermine security culture and weaken security measures. Load shedding amplifies these bad habits. Create a clear password policy, scan for duplicate passwords, and consider providing a company-supported password manager.

5. Criminals can exploit load shedding anxiety

One of the most significant risks from load shedding is the anxiety and panic it causes. Criminals can use these emotions in phishing attacks such as an email offering a super-cheap, high-end power supply (act now or lose it forever!). Users click on the link, thinking they will get a special deal, but they instead allow malware onto their system. Ensure your people are updated on their security hygiene, inform them to watch out for these attempts, and use periodic testing to demonstrate how an attack could happen.

Load shedding amplifies many risks around technology. Most of these are apparent, such as providing backup power. However, it’s important not to overlook the problems it creates for data and applications. Speak to an experienced digital business security provider to ensure your environment balances security and productivity when the lights go off.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

95% do not have full trust in cybersecurity vendors
Information Security Security Services & Risk Management
Trust in cybersecurity vendors is fragile, difficult to measure, and increasingly shaping risk posture at both operational and board levels. Lack of verifiable transparency undermines cybersecurity decision-making, according to Sophos-backed research.

Read more...
Africa’s largest Zero Trust platform
NEC XON Information Security Commercial (Industry)
Africa has reached a significant cybersecurity milestone with the successful deployment of the continent’s largest Palo Alto Networks Prisma Access and Prisma Access Browser Zero Trust environment, supporting secure remote access for more than 40 000 users for a large enterprise in Africa.

Read more...
Supply chain attacks top threat over 12 months
Information Security
Supply chain attacks have become the most prevalent cyberthreat confronting businesses over the past year, according to a new Kaspersky global study, with nearly one-third of companies worldwide experiencing a supply chain threat in the past year.

Read more...
From vibe hacking to flat-pack malware
Information Security AI & Data Analytics
HP issued its latest Threat Insights Report, with strong indications that attackers are using AI to scale and accelerate campaigns, and that many are prioritising cost, effort, and efficiency over quality.

Read more...
NEC XON secures mobile provider’s hybrid identities
NEC XON Access Control & Identity Management Information Security Commercial (Industry)
For a leading South African telecommunications operator, identity protection has become a strategic priority as identity-centric attacks proliferate across the industry. The company faced mounting pressure to secure both human and non-human identities across complex hybrid environments.

Read more...
Microsoft 365 security is a ticking time bomb
Information Security
Across boardrooms and IT departments, a dangerous assumption persists that because data is stored in Microsoft 365 and Azure, it is automatically secure. This belief is fundamentally flawed and fosters a false sense of protection.

Read more...
Rise in malicious insider threat reports
News & Events Information Security
Mimecast Study finds 46% of SA organisations report a rise in malicious insider threat reports over the past year: reveals disconnect between security awareness and technical controls as AI-powered attacks accelerate.

Read more...
New campaign exploiting Google Tasks notifications
News & Events Information Security
New phishing scheme abuses legitimate Google Tasks notifications to trick corporate users into revealing corporate login credentials, which can then be used to gain unauthorised access to company systems, steal data, or launch further attacks.

Read more...
Making a mesh for security
Information Security Security Services & Risk Management
Credential-based attacks have reached epidemic levels. For African CISOs in particular, the message is clear: identity is now the perimeter, and defences must reflect that reality with coherence and context.

Read more...
What’s in store for PAM and IAM?
Access Control & Identity Management Information Security
Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in the coming year, driven by evolving cybersecurity realities, hybridisation, AI, and more.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.