The new National Security Agency (NSA) guidelines are a window of security for users. Everyone has been trying to return to their lives since the Covid-19 pandemic. But the experiences we all had before the pandemic can never be the same. Offices and parastatals are sorting for different methods of communicating and having meetings.
Little by little, people are picking up the pieces of their lives and trying to glue it back. But, there’s a glitch. There is restricted access to sophisticated government-furnished equipment (GFE) like laptops and smartphones. This restriction has forced people to depend on commercial collaborative services on their devices.
The massive reliance on telenetworking media has also created an avenue for constant cyber-attacks; from the John Doe across the road, all the way to the Pentagon.
This movement has gone ahead to intensify a pre-existent global pandemic—Shadow IT.
Shadow IT is “the relentless urge for individuals on the front lines of an organization to find their solutions to information technology problems, often beyond management’s reach (i.e. on personal devices) and often in violation of organizational security policy.”
The only way to lessen the fallout of Shadow IT is by supervision.
The attacks are subjective. While an attack could be seen from one angle as minimal or even waved off, the Pentagon considers that same attack as operational security issues.
Due to the pandemic, a lot of security measures were ignored, to fast track communication. Take, for instance, when the Department of Health and Human Services (HHS), waved penalties against medical providers; who use remote communication solutions that do not comply with HIPAA privacy and security regulations. This decision, in all honesty, was done in good faith. But while security measures are relaxed and get a day off; scammers don’t. They regularly prowl and exploit every single, opportunity they see.
HHS should have instead issue supplemental guidance focused on helping medical providers inexperienced in remote patient care find appropriate tools.
The new National Security Agency (NSA) guidelines are a window of security for users.
They provide key measuring parameters, which will assist the readers in accessing the security worthiness of teleconferencing products. They offer conclusions and are written in technical and, non-technical terms to appeal to various individuals in different spheres of lives. It also provides tips like regulating who users connect to in any meeting. Although they are focused on government employees and military service members, they are broad enough to be advantageous to those in the private sector.
With millions of people working from home, and facing individual challenges, these guidelines could not have come at a better time. The more people work remotely, the larger the target-base for cybercriminals. It’s no surprise then, that while trying to secure variant means of communicating, security protocols are overlooked with the use of Personal devices.
Many non-federal organizations have not set up preventive measures to curb this problem.
Does this new NSA guideline solve all the security problems? No. But it does help reduce the risk of attacks. While we hope to return to “normal” our best bet is to protect ourselves and information at all cost