Data security is gaining ever-increasing interest among information systems users, especially when it comes to classified or sensitive information.
The lately uncovered cyber-attacks on the U.S. government and the crashes of Google’s services certainly do not diminish concerns for your own security. Data leaks in Finland and Sweden are also fresh in memory.
In this post, I will highlight some basic things worth sorting out. There are several things you can do yourself or together with your IT support. In addition to the basics, I'll mention some features of the CSI softwares that can help you further improve your security.
Workstations
Before switching to telecommuting, it's a good idea to make this decision: do I keep the workstation I use at work only for my own use and only for work use? Do I get separate devices for leisure and family use?
If your workstation is not connected to a corporate domain, do set a user name and a long and difficult password. This way, in case the workstation is lost or stolen, it will not be easy to log into. Encrypting your hard drive greatly increases security. Also, make sure that your workstation's updates and antivirus software are up-to-date. When traveling, use your phone to connect to the Internet instead of using an open WLAN connection.
Servers and Networking
These are almost always maintained by your IT department or supplier and require special expertise, but I will quickly go through some commonly used technologies.
In most cases, when logging into a company network, you connect to a domain that can only be logged in with a username and a strong password. The domain administrator can specify the number of times users can enter an incorrect password before their account is locked, and specify, for example, minimum requirements for the length and complexity of the password.. While telecommuting, a secure VPN connection is typically used to access domain services.
Companies are increasingly giving up their own physical servers. When the servers are located in a service provider's data center under expert maintenance, data security is usually not at least diminished. From the user's point of view, logging on to an outsourced server environment is similar to logging on to a local server.
There are also information systems built entirely on top of Microsoft's M365 / O365 services. In theses cases the company's domain is located in Microsoft's Azure. From a user perspective, Azure AD is similar to traditional Active Directory (practically a domain) with its user accounts, passwords and logins, even though the AD / domain is located in the cloud. With Azure AD, the administrator can easily enable multi-step login, MFA. If your company does not have MFA, you may want to talk to someone taking care of your IT.
Whatever the server and network solution, backing up your data is alwys crucial. Business-critical information needs to be backed up, both in case of cybercriminals or hardware failures. No system is 100% secure.
CSI Softwares and Data Security
The same general security criteria applies to CSI softwares as to any other software. In other words, the workstation, network and server environment must be kept as secure as possible. However, there are some things you can do to increase security, should it happen that your workstation falls into the wrong hands.
- Change your password
When using a username + password combination, change your password and make it something not easy to guess.
To change your password, click on your name at the bottom right of the software and select Reset Password
- Uncheck "Remember me on this computer"
Checking Remember me…-selection makes it easier and faster to open the software, but unchecking it is an easy way to increase security. Even if a third party gets your computer unlocked, they will not be able to log in to the CSI software without a username and password.
- Azure AD Authentication
Starting from version 9.1 of CSI softwares, it is possible to enable authentication based on Azure AD. Your company's Azure AD administrator adds the CSI database you use to a service maintained by CSI Helsinki, as well as the necessary parameters to the software. After this, your CSI software can only be logged in with Azure AD accounts.
Contact CSI Helsinki Support for more information on enabling Azure AD authentication.
- Encryption of M-Files Document Vaults
The document vault of M-Files, which is often connectied to a CSI software, can be encrypted. The information stored in document repositories is often more confidential in nature than the entries made in the CSI software itself. Once the contents of the document vault are encrypted, a potential intruder cannot read the contents of the vault without an encryption key. M-Files encryption uses the AES-256 algorithm. If you're interested in encryption, CSI Helsinki Support can help.
While it may be impossible to create a completely secure information system, there are many ways to improve security quite easily. CSI Helsinki is constantly working to strengthen the security of its software, but you can also increase your and your company's security with the help of the IT department or provider. We, as computer users, aim to make things as easy as possible. tt’s worth remembering, though, that the easiest way isn’t always the best.
Jari Loiri
CSI Helsinki, IT Manager
Life is not all about technology. I'm technology's friend whenever it makes human life easier.
