How to secure field service management software in the cloud

While switching to Software as a Service (SaaS) has many benefits, it also exposes service companies to new risks.
 
The good news is there are very concrete ways to secure data in the cloud and on mobile devices.
 
Field service management software contains information about customers that must be protected, including their service history, how to access their facilities and service reports on their equipment. As countries around the world implement stricter rules for storing and protecting personal data, the need to secure customer data grows.
 
The General Data Protection Regulation (GDPR) implemented by the European Union is a prime example. Penalties for leaked data range up to € 20 million or 4% of a company’s worldwide turnover, whichever is higher. In addition to the financial risks, hacking can permanently tarnish a company’s reputation. Just ask Facebook…

There are risks in the cloud

SaaS solutions offer numerous advantages. Scalability, functionality, the ability to move to paperless process and take advantage of mobile apps are just a few.
 
But, moving data from corporate servers or private data centers to the cloud also brings new risks. Previously, applications were isolated and had limited exposure to the outside world. And that meant traditional firewall-based protection models and intrusion prevention systems were sufficient.
 

The castle protection model is obsolete

In the cloud, that’s no longer the case. Applications are open to the world, and can be accessed by mobile devices and third-party software through application programming interfaces (APIs) or web services. For example, field service management software can interoperate with accounting software to automatically trigger billing processes.
 
The castle protection models that were limited to protecting the workstations and servers hosting applications are now obsolete. As data moves to the cloud, new defenses must be put in place.

New protection solutions are needed

As its name implies, a data loss prevention (DLP) solution helps to avoid loss of sensitive data by continuously tracking it, whether it’s archived, stored or being processed. Business rules can be applied so that files cannot be printed, sent to an unknown email address, saved on a USB stick or hosted online.
 
A cloud access security broker (CASB) solution is a complementary solution that acts as a sentinel to control network data flows. It continually analyzes the traffic that enters and leaves the information system to help secure applications end-to-end from the cloud to connected end users.

Humans are the weak link in security policies

Companies can implement any number of protection solutions, but employees still present risks if they’re not fully aware of best practices for data protection. For example, social engineering techniques can be used to extract sensitive information from staff or to steal identity credentials.
 
These risks make it very important to educate employees about the basic rules of data security:

• Don’t click on suspicious links in emails from unknown senders

• Lock your screen when you leave your computer

• Choose a password that’s complex, but easy to remember, and change it regularly

It’s also important for employees to avoid using publicly available IT services that are not sanctioned by the company. Some employees make extensive use of webmail applications such as Gmail or Yahoo Mail, or file-sharing applications such as Dropbox or WeTransfer. Deploying field service management software that meets employees’ needs helps to avoid these types of risks.

Specialized software helps protect mobile devices and applications

Employees, such as maintenance technicians, are at greater risk for cybersecurity threats than others. These employees are almost permanently in the field so they don’t benefit from all of the protection systems available to their office-bound colleagues. And they’re exposed to additional risks such as theft of the information on their smartphone or tablet.
 
In addition to raising technicians’ awareness of the security risks in the field, there are solutions that are designed to protect mobile devices. For example, a mobile device management (MDM) solution allows administrators to manage a set of devices that are allowed to access enterprise systems. The solution ensures that mobile devices respect the security rules that have been put in place. It also blocks access to enterprise systems entirely if the device is stolen.
 
Mobile application management (MAM) software manages mobile applications. With MAM software, administrators can:

• Block installation of, and access to, applications that don’t comply with security policies

• Control the way data is used and shared

• Restrict application functionality to actions such as copy, paste or save

Cloud software providers play a key role in security

The GDPR regulation mandates that subcontractors implement all measures necessary to secure its customers’ data. Praxedo did not wait for the regulation to take effect before acting on the requirement.
 
The Praxedo application is hosted on dedicated infrastructure at OVH, a global cloud provider and the leading cloud provider in Europe. OVH guarantees compliance with the GDPR regulation, provides data backups on multiple servers at remote sites and offers application availability of more than 99.8%.
 
Access to the Praxedo application is through the HTTPS protocol with the same level of security as that required for online payments. Praxedo also works with companies that test the software’s ability to resist intrusion attempts so that any potential security risks revealed by the tests can be addressed as quickly as possible.