*Lucas Santos
The New Normal
In 2020, we saw the emergence of a term to describe the transformation of human beings on a global scale: The “New Normal”, used to define the scenario caused by the pandemic of COVID-19.
The pandemic required sudden social isolation, directly affecting the performance of routine activities, such as the work and studies of many people around the world. The moment fueled the importance of Business Continuity Management, as the quarantine started without an end date and several organizations needed to keep their operations active.
The lack of prediction for the “return to normal” awakened the natural instinct of the human being to adapt to the environment in which he lives, causing companies to find a way to offer their products / services remotely to their customers, using more diverse technological resources that they had available.
Increase of data circulated in the Internet
Remote work, Distance Learning (EAD), e-commerce and telemedicine stand out in the process of adapting human beings to the “New Normal”, as these resources enabled individuals to perform some of their routine / leisure activities even without face-to-face contact.
Information Security (IS) plays a fundamental role, since the increase in activities performed remotely is proportional to the increase in the amount of data that is circulated in the Internet, whether personal or corporate data.
The large amount and variety of types of data circulated online they are not only inputs for the services provided, but also for possible attacks. For attackers, the amount of data available can mean an increase in the chance of success of the attack as well as a variety of ways of exploiting targets.
Therefore, it is understood as essential to implement safe ways for the collection, access, sharing and disposal of data in the Internet.
Control over data
Luckily, in 2020 the General Law on the Protection of Personal Data (LGPD) came into force, which establishes rules for the way companies treat their customers' personal data. Among several guidelines, the Law requires, without establishing technical standards, that the organization implements Information Security in the treatment of personal data.
As for corporate data, there are regulatory bodies for the most diverse lines of business, which can define rules for the way consumer data is processed, such as ANATEL, for the telecommunications sector and BACEN, for financial companies.
In addition to regulatory bodies, there are frameworks and standards, whose adherence is not mandatory, but that help increase the security of processed data, such as ISO / IEC 27001: 2013, ISO / IEC 27701: 2019, NIST, among others.
Measures to avoid exposure
Despite the existence of rules and laws that assist in the security of data processing, there are some measures that users must follow to ensure security in the circulation of data:
- Check carefully the reliability of the recipient before sending information;
- Use and periodically renew strong passwords for authentication on systems and platforms that traffic data on Internet;
- Avoid installing software provided by unknown suppliers;
- Keep up to date on the types of scams that exist and how to avoid them.
Final considerations
The Novo Normal showed that the remote execution of activities is a possible reality, making the circulation of data in the Internet increasingly present in the daily world.
Threats will never cease to exist. Thus, Information Security, assumes the role of an indispensable factor for the constant human evolution.
* Lucas Santos is Consultant in GRC & Information Security at [SAFEWAY]
About [SAFEWAY]
SAFEWAY is an Information Security consulting company, recognized by its clients for offering high value added solutions through projects that fully meet business needs. During these years of experience, we have proudly accumulated several successful projects that have earned us credibility and prominence in our clients, which constitute in large part the 100 largest companies in Brazil.
Today, through 22 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best technology solutions, processes and people. SAFEWAY's SOC uses QRadar to monitor customer environments.
