Navigating Cybersecurity – how to stay safe and protect others (with Dell Technologies)
You're reading Entrepreneur Georgia, an international franchise of Entrepreneur Media.
For a tech startup to succeed, it must be protected from cyber threats.
In this article, Nika Siradze, a startupper from Medialab with three years of experience in cybersecurity and web development, having extensive knowledge as a former student of the Scientific Cyber Security Association (SCSA), and practical web development experience, is sharing valuable tips from the SolarWinds incident from which all startuppers can learn.
The study case is based on the most significant cyber-attack faced by the IT management company - SolarWinds in 2020. Eighteen thousand users, including government agencies and large corporations, were affected by this attack.
SolarWinds creates systems and IT infrastructure for various companies. In addition to making these systems themselves, they also use vendors that provide specific services to these systems. As it turned out, the hackers used a supply chain attack, injecting malicious code into Orion's system.
"This case is noteworthy because hackers didn't attack the SolarWinds network directly but planted malicious code with the vendor that SolarWinds used. Once the update was released on their systems, malicious code was launched against all users who installed it." – says Nika.
The most important lesson from this real-life case is that extra care should be taken with technical services, such as plugins for WordPress, extensions for Shopify, and more, when running an online store or managing any online business. It's vital to ensure that the provider and their code are reliable. A plugin written by an unknown author updated a few years ago might have a small piece of code that might cause many problems.
The Zero Trust model is the one to use when concerned about reliability. The model implies that all requests should be verified as if they come from an open network. For example, verification to log in to the company account, to log in to e-mail, to get remote access to the server infrastructure, when entering and leaving the office, etc. Also, employees must have secure access to features such as facial recognition, fingerprint sensors, and more.
"If SolarWinds had this protection in place, they could have protected themselves and others from this attack at a much earlier stage. For example, of all the laptops available, I use a Dell Latitude 5540, which has all the necessary security features. This laptop has proven to be the best partner throughout my work schedule, performing exceptionally well in the office and developing assignments. This makes it a wise choice for any company seeking to boost productivity and enhance security features." - Says Nika.
As for cloud services, SolarWinds used to store user information in the cloud; the hackers gained access to this cloud, and, thus, all the user details were exposed.
Staying vigilant and setting up maximum protection for cloud services are the pieces of advice that Nika gives to all entrepreneurs.
Such incidents set a precedent and teach important lessons. One might not need high-level protection at the early stages of business, but building a startup is full of surprises, and mistakes made at the beginning can surface in the growth process.
Cybersecurity is not a one-time task but an ongoing commitment that requires determination and continuous improvement.
Experience the pinnacle of security for remote work with the most secure commercial PCs* in the industry.
Our Dell Safe ID, Dell SafeBIOS, fingerprint readers, TPM chip, and lock slot options undergo rigorous testing, meeting and surpassing MIL-STD 810H standards. Dell Optimizer introduces intelligent privacy features to safeguard sensitive data. Onlooker detection alerts you when someone is viewing your screen, applying a texture to enhance screen privacy. Look Away Detect recognizes shifts in focus, automatically dimming the screen to enhance privacy and extend battery life. With ExpressSign-in, your system responds to your presence, waking up when you're near and securing your PC when you move away.
Our SafeSupply Chain solutions establish multiple layers of security and integrity controls throughout the supply chain.
Opt for optional tamper-evident seals to safeguard PCs during transit. Additionally, a NIST-compliant hard drive wipe ensures a clean slate for your device before incorporating the company image, reinforcing security at every step.
*Based on Dell internal analysis, September 2022.