No Jitter is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Don’t Compromise Security with Your Remote Workforce

NicoElNino.jpeg

security padlock
Image: NicoElNino - stock.adobe.com
To stop the spread of the coronavirus (COVID-19), companies worldwide are issuing work from home directives that are exponentially scaling remote working. Companies across the globe are rapidly working to develop strategies to sustain, support, and connect a more dispersed workforce. One of the challenges organizations face in supporting a remote workforce is to provide the tools, resources, and solutions employees need to communicate, collaborate, and remain productive without compromising security.
 
As this crisis continues to unfold, organizations are first addressing the top priority of securing the health and safety of employees. Next, the focus will be on developing or reshaping critical business continuity plans to ensure a high level of operations and minimize disruptions in a very fluid and challenging environment. As part of this process, IT leaders are evaluating how well its organization’s technology infrastructure supports a decentralized work environment and taking action to equip employees with the tools, devices, and collaboration platforms needed to keep operations running securely and smoothly.
 
Even before COVID-19, organizations grappled with this issue as remote working over the last 15 years continued on an upward trend, increasing 159% since 2005 and 44% over the last five years. The unfortunate spread of the disease is rapidly accelerating remote working, making it the norm today. A March 2020 Gartner online poll found that among 805 responding organizations, 88% now encourage or require employees to work from home, regardless of whether or not they show COVID-related symptoms.
 
Many organizations are finding that they lack the technology infrastructure critical to supporting the shift in workplace dynamics to a more distributed workforce. 54% of HR leaders in a Gartner poll indicated that poor technology, infrastructure, or both, is the biggest barrier to effective remote working.
 
Remote workers need robust collaboration solutions to communicate effectively with internal and external stakeholders. If companies don’t provide access to these solutions, employees will turn to unsecure consumer-grade messaging applications like WhatsApp and Facebook Messenger for business communication. While consumer messaging apps have evolved beyond messaging into communications platforms that enable voice and video calling, access to content and the sharing of content, the usage of these platforms can introduce serious cybersecurity and compliance risk to the enterprise.
 
Another byproduct and potential security threat of the widespread remote working norm is an increase in employee use of their own devices for business. BYOD (Bring Your Own Device) has been on the rise in recent years. A recent Messaging At Work report found that that 30% of respondents prefer to use their own device for work. The rise in BYOD is also fueling the use of consumer-grade messaging apps as business communication tools. The report also found that usage of non-regulated consumer messaging apps has become common in the workplace, with 50% of respondents indicating they use these apps for mobile work communications.
 
This issue should be a major concern for enterprises as employee use of consumer-grade messaging apps weren’t built to be secure at the enterprise level. Opening the door for hackers to use these platforms to infiltrate enterprise networks and gain access to sensitive company information could be critical to performance. Video communication platform, Zoom, is one example of a consumer-grade app that has soared in popularity since the onset of the stay-at-home order. It has since come under fire for its lack of security, leading many enterprises to ban the meeting app from business communications.
 
A recent McKinsey article on remote working lessons from China noted that “security concerns add a layer of complexity to the technological side of remote working, and can have serious consequences. In particular, when employees aren’t aware of safe practices or switch to unauthorized tools to get their work done.” The article went on to say, “doing it right requires giving employees the tools they need to be productive while managing data confidentiality and access.”
 
Enterprises are striving to ramp up to support increasing numbers of remote workers. As this happens, organizations might be tempted to address the security issues of using these consumer-grade messaging apps for business communication by providing staff training on their usage or implementing corporate policies and controls to govern the use of these applications.
 
These measures aren’t the answer to protecting data and security. The fact is, it’s difficult, if not impossible, for organizations to monitor conversations and interactions via consumer messaging apps. To lock down business communication, organizations need to provide purpose-built secure mobile messaging platforms with features employees need and the data security that will allow IT leaders to sleep at night.
 
The ongoing challenge for IT as the global pandemic shifts more employees to remote working is to ensure that employees can communicate and collaborate productively without compromising data security.

Comments

That's one of the most informative article I have read online :) It must have taken weeks to curate it. Thanks for sharing it Anurag:) I too would like to add some points in context of this work from home during the ongoing pandemic. One of the most important point to keep in mind is about the cyber attacks our systems are susceptible to while using our private network, the common one being the Corporate Account Takeover Attack (CATO). This is a powerful trick used by hackers wherein they gain access to an organisation's secured data by using employees' login credentials. Some of the most targeted industries by such attackers are retail, hospitality, media and entertainment, finance, sports and gaming. However, there is no need to worry as there are capabilities around corporate account takeover risk detection that can help organizations fight back. Some of them are: 1. Flag emails that are too similar to your corporate email account. 2. Register all domains that resemble your actual corporate domain. 3. Add MFA/2FA authentication to verify the payment location, if it has been changed etc. Regarding the same i read another quite informative article, the link of which I am sharing below. https://www.loginradius.com/blog/2020/04/corporate-account-takeover-attacks/ I’ll be sharing your article with my colleagues and friends, keep up the good work Anurag.