CXOToday conducted an exclusive interview with Madhusudhan Krishnapuram, VP of Engineering and Country Manager, India, at GoTo.
- In the realm of hybrid and remote work, what security vulnerabilities emerge from the use of unsanctioned tools, and how does GoTo position itself to mitigate these risks while ensuring productivity?
The use of unsanctioned tools can pose a particularly serious security risk for hybrid and remote-centric businesses, where IT teams have less direct visibility into the actions of remote employees. A study conducted by cybersecurity company Kaspersky highlighted that 77% of companies globally have experienced cyber incidents in the last two years, with 11% attributed to the unauthorized use of shadow IT. Another study reported that 80% of “top-tier managers” in Indian companies admitted that miscommunication with the IT security team led to at least one cybersecurity incident. These insights reinforce the imperative for proactive measures to prevent security threats, underpinned by effective communication and collaboration between IT teams and employees to navigate the complexities of remote and hybrid work environments securely.
At GoTo, we recognize the importance of robust security measures in safeguarding against potential threats and ensuring compliance with stringent data privacy laws. Our commitment extends beyond acknowledgment, translating into proactive initiatives aimed at mitigating any IT risks that may emerge from adopting remote IT support tools while fostering a culture of transparency and collaboration, both for our customers and within GoTo.
Security is ingrained in GoTo’s culture, and our team stays ahead of emerging trends by focusing on key priorities. We operate a robust internal threat intelligence program, engage in information-sharing groups like IT-ISAC, FIRST.org, and InfraGard, and emphasize responsible AI to ensure secure the integration of innovative technologies. We safeguard our infrastructure and remote users with cutting-edge security technologies, provide ongoing cybersecurity awareness training to all employees, and maintain a robust compliance program that includes ISO27001, C5, SOC 2 Type 2, and GDPR.
- As organizations navigate beyond traditional firewalls to monitor IT threats, what innovative strategies does GoTo employ to track and address evolving cyber risks in today’s dynamic digital landscape?
Traditional firewalls alone can no longer stand as a shield against evolving cyber threats. As such, GoTo’s brings a security-first ethos to our role as a leading provider of remote IT support and management tools. We are deeply committed to empowering organisations to go beyond basic compliance while embarking on their digital journey. At the heart of it lies a suite of flexible, secure solutions meticulously built to navigate the complexities of remote and hybrid work.
Our tools GoTo Resolve and LogMeIn Rescue, which include features such as secure remote access, multi-factor authentication (MFA), and single sign-on (SSO) form the vanguard against emerging threats, safeguarding IT tools in remote work environments. By adhering to stringent data protection measures and regulatory standards like GDPR, HIPAA, and SOC 2, we fortify our defences where sensitive information finds sanctuary against the attack of unauthorized access or breaches.
Furthermore, our holistic security extends beyond remote support, encompassing consolidated IT management and monitoring. GoTo offers a unified platform with comprehensive features, empowering organisations to standardise security measures across departments seamlessly. Our consolidated IT tools serve as the key to a robust security framework, boasting customizable security measures tailored to individual business requirements. From secure account setup and identity management to end-point management and mobile device management, our solutions leave no stone unturned in fortifying organisational defences against cyber threats.
- Recognizing the paramount importance of human vigilance in cybersecurity, how does GoTo empower users to become active participants in cyber defense while leveraging its remote IT support and management tools?
At GoTo, we aim to empower end users to become active participants in cyber defence. Our approach goes beyond traditional security measures, offering innovative strategies and smart IT support tools to navigate the complexities of the modern digital landscape.
We understand that every organisation faces unique cybersecurity challenges, influenced by factors such as industry, size, and regulatory requirements. GoTo’s security-first approach is reflected in our adoption of a zero trust framework. This involves presuming no implicit trust, even among internal users and systems, to ensure that every network communication and access request undergoes rigorous identity verification. This proactive stance minimizes the risk of unauthorized access and strengthens overall security posture.
In addition to zero trust, our IT support and management platforms integrate advanced features such as secure remote access, multi-factor authentication (MFA), and single sign-on (SSO) to fortify remote work setups. These measures not only enhance security but also streamline user experiences, empowering IT agents to work and resolve end user issues efficiently from anywhere, without compromising safety. Through continuous monitoring, vulnerability assessments, and rapid incident response, we help organisations stay ahead of potential threats and maintain robust defences against cyberattacks.
Collaboration between security and IT infrastructure teams is another important aspect of our approach. By working closely with our clients to integrate security into every aspect of IT design, implementation, and maintenance, we ensure that security remains a top priority throughout the organisation.
- Amidst the surge in remote work, how does GoTo’s suite of secure, flexible, and scalable remote IT support and management tools redefine organizational resilience, particularly in mitigating cyber threats and ensuring uninterrupted operations?
Remote access scams have emerged as a prominent threat vector, exploiting vulnerabilities, and stealing sensitive information from organisations. These involve scammers impersonating trusted entities to trick victims into granting them remote control over their desktop or networks, potentially resulting in financial loss or data exposure. They exploit social engineering, fear, and trust to compromise cybersecurity.
From an IT decision-maker point of view, three key priorities emerge: understanding and safely enabling generative AI, demonstrating ROI through posture management, and optimising systems for efficiency and security. By focusing on these priorities, IT leaders can navigate the complexities of the evolving cybersecurity landscape and ensure they are well-prepared to mitigate risks. They must adopt proactive measures, including well-documented security policies, company-wide trainings on common phishing attempts, and the use of secure passwords and multi-factor authentication.
Furthermore, organisations should minimise access to essential functions, regularly update software, and establish a VPN or implement remote access platforms. In the event of a security incident, having a well-defined incident response plan is paramount to swift counteraction and minimizing damage. Regular data backups, vulnerability assessments, and adherence to data protection laws and industry regulations are also essential components of a robust cybersecurity strategy.
The post Beyond Firewalls: Why End User Vigilance is the Ultimate Defense appeared first on CXOToday.com.