Concerned about Cyber Security? Start by Securing Corporate Desktops

A recent article in CIO touched on a well-known but still sensitive topic: The fact that organizations are still struggling with cyber security. The article noted that 2015 was the second worst year for security threats and saw more than 780 data breaches.

The Biggest Cyber Security Obstacle

Though there may be several reasons organizations haven’t kept up with cyber security demands, the article specifically calls out cost as a major hang up. Data breaches aren’t cheap – the average cost has reached $4 million – but investing in cyber security is expensive and has a hard-to-measure ROI that leaves many organizations struggling with the investment. From CIO:

“Implementing the technology necessary to protect your business can often be just as expensive as a data breach, especially if you want to do it the right way. … Businesses are letting a lack of visible ROI and cost get in the way of protecting company assets.”

Growing Cyber Threat Landscape

But while this discussion is raging within IT departments and board rooms, threats are growing. Since 2006, lost or stolen devices account for more than 25% of data breaches. That number can climb much higher, as with the 68% of healthcare data breaches in 2014 that were tied to lost or stolen devices.

With numbers like that, it’s surprising that businesses aren’t doing more to combat cyber threats and protect against data loss. A major component may be that the discussion on cost versus risk fails to account for one very important factor: Companies are not limited to a single data breach. Not spending the money is only putting companies at greater risk.

Affordable Cyber Security Initiatives

It’s clear that organizations need to start taking a more aggressive cyber security stance and making smarter decisions with the solutions they put in place. If an all-in cyber security plan isn’t on the table, securing desktops through a desktop-as-a-service (DaaS) solution gives companies an opportunity to reduce risk across a broad swath of the threat landscape for a manageable budget commitment.

The main issue with data breaches from lost or stolen devices is that sensitive information is stored directly on the device, meaning it goes wherever the device goes. Some organizations are adopting a suite of tools to help address this risk, such as data encryption and remote wipe technology. While these are fine solutions, they just add to the cyber security bill while only offering one very specific benefit. When a company uses virtual desktops, data is inherently protected in the case of theft of loss because no data is stored on the device itself. Plus, you get the added benefit of data encryption and multiple layers of security built into a single solution.

Another aspect of data theft is internal attacks. Policies are important, but they don’t do anything to physically stop rogue employees from committing data theft or non-maliciously exposing data by emailing it or storing it on a cloud drive or thumb drive. Tight user permissions coupled with the simple desktop management offered by DaaS means IT departments can quickly and simply secure devices without touching every individual machine. With this tactic, you can limit the actions end users can perform, such as turning off copy/paste and printing and locking down access to public drives or USB ports. DaaS makes both endpoints and end users more secure, limiting the chance of a device or internal breach.

Combined with the other benefits of DaaS – such as faster desktop provisioning, easy scaling and secure support for BYOD or work from home initiatives – this solution may be the leg up that IT teams need to start addressing cyber security in a cost effective way.