“Connectivity came first—but now it’s time to assess your security gaps.”
Establishing connectivity first was the decision that many organisations took in their initial response to remote working. This has left a lot of companies exposed to cybercriminals. Could your company be one of these? Research from Ivanti demonstrates that cyber-attacks targeting remote workers have risen by an astonishing 30,000% this year. These attacks include phishing, website, and malware attacks of remote users. IT teams must minimise risk with continuous management and early intervention.
Cyber security investments are now deemed a necessity. Companies who invested in secure IT infrastructures to facilitate remote working without compromising security are now benefiting from long term solutions.
Key points to consider when moving forward with a secure workplace include:
- Uncovering and eliminating your security gaps in your remote working set up
- Implementing your secure remote work models for the long term; these are going to be needed for an extended period or permanently.
Close your security gaps
If IT opened firewall ports to allow remote access, now is the time to assess if there are products available that allow these ports to be closed but still afford remote working.
Office internet bandwidth
If staff are using video conferencing, this is likely to consume between 2 and 4 Mbps per user. This may have worked when staff were at home, since Ofcom reports that the average UK home internet download speed is 64 Mbps. However, offices often have 100 Mbps connections or less, so if an office is half populated and they are still using video conferencing, office Internet connections can become quickly saturated. Now these changes are required as more long term strategies, change and risk management processes that might have been undermined need to be considered.
Unapproved file sharing applications
One big area of concern involves unapproved file sharing applications. Many companies started using the applications without investigating security issues due to the level of complexity and time involved to conduct a risk review. If your company expanded remote connectivity with shortcuts, you need an assessment that focusses on reviewing access, the threats your remote workers might be creating and the current controls in place.
Quick self-check
Key questions your company should be asking include:
- What cyber-hygiene practises do we use, and which do we need to add?
- Are we managing our operational, regulatory and compliance risks?
- How well are we monitoring employees’ use of devices and applications (e.g., file-sharing, video-conferencing, collaborative work)?
- Do our computers have properly configured firewalls, including installed anti-malware and intrusion prevention software?
- How are we communicating with employees regarding secure practices like encryption of home routers and Wi-Fi networks, prompt installation of software updates, the handling of digital and printed information and adherence to confidentiality rules? (See our ‘secure remote working employee handout’ for more details.)
Implementing secure remote work models for the long term
Companies that quickly implemented secure IT infrastructure models that offer a long-term solution have distinguished themselves from the rest. Investments in solid technical infrastructures gives you confidence that you implemented marketing leading solutions and minimised risks moving forward. Investments in the Cloud, in modernising network architectures supporting legacy requirements, and in modern applications have paid off. Implementing such processes means business are running as normal both remotely and in the workplace whilst maintain high levels of security.
No one knows how long the COVID-19 pandemic is going to last. Companies need to implement a mix of both office and remote based work for the foreseeable future. Here are some points you should consider adopting to reduce risks of remote working over the longer term:
- Cloud technology that allows scalability of both reduction and increased users numbers e.g. Cloud-Hosted Desktop
- Solutions that give anywhere-anytime security whilst maintaining efficient user friendly IT systems
- End-to-End point security
- Robust risk analysis scenario planning
- Virtual security operations centres that enable remote work
Cranberry Cloud is one of a range of cloud-based services from Tivarri. Being one of the longest-serving providers in this market, with extensive knowledge of cloud technology, we have been heavily involved in industry wide communication protocols used for secure remote access. We provide full office collaboration with all common industry applications supported including Bloomberg professional. This has allowed us to successfully migrated thousands of applications to our cloud-hosted Desktop platforms.
Speak to one of our experts today: