March 2020 saw reams of businesses close their physical doors and retreat to the safety of remote working. However, this presents new challenges to the safety and cybersecurity of organisations. Andy Compton, Founder and CEO of Cortida outlines the risks and rewards of protecting your computer systems
Your business is most likely already online, but the pandemic has created a predominantly digital, remote workforce overnight. More remote users, more digital devices, more remote risk. As you open up resources to support your clients, staff and business throughout the Coronavirus crisis – you rely on a multitude of variables that without proper management, leave your networks, data and organisation vulnerable.
Applying a structured approach can strengthen your cybersecurity posture and protect your remote operation, thereby reducing your exposure to cybercrime. Three primary approaches should be considered when moving employees from a protected internal corporate network to working over the public internet. A strategic approach that applies to upper management and deals with governance. The tactical approach that deals with what IT and security specialists need to consider as they implement new solutions. And the people approach that provides sensible ways of dealing with new working conditions that all staff should be aware of.
STRATEGIC: PREPARING FOR REMOTE WORK
The themes of the strategic approach include understanding risks, ensuring confidential or sensitive data sits in centralised systems (rather than a user’s own devices) and ensuring data access is managed and follows a principle of least privileges. Equally important is the need to implement a solution that can apply centralised management of user devices to reduce the likelihood of risk. Finally, providing clear guidance on what rules should be applied to remote working is essential. Each is discussed at a high level opposite.
- Risk assessments – Conduct a risk assessment that considers what data needs to be exposed over public networks, who needs access to it, what security measures are required to protect it and whether they already exist. With an elevated understanding of the risks, it is possible to determine risk treatment options which may include tolerating, transferring, or treating the risks.
- Centralised management – Take positive action and use tools that provide centralised access to files and other network resources that can enforce security management regardless of the user’s location. Examples of solutions that can centrally manage security in remote working include:
- File and email management – Providing a remote access environment such as Office 365 or Google allow your organisation to ensure staff sync files or emails back to a secure location which is protected by backup and encryption.
- Identity and Access Management (IAM) – IAM ensures networked users are allowed access to only the resources relevant to their role and authority. It is essential to ensure the principles of IAM are applied and maintained regardless of whether a worker is based in the office or remotely.
- Mobile Device Management (MDM) – Such solutions provide centralised provisioning and enforcement of your company’s security policies against devices that will be used away from the office.
- Formal remote working policies – Ensure your company’s rules for home working are formalised via a policy that everyone has read, understood and agreed to. The policy should be clear, unambiguous and allow your employees to understand the risks and consequences of not adhering to them and explain that compliance will be monitored. It should be explicit about what devices can be connected to the network and that devices may not be shared or used by other family members.
- Incident preparedness – Ensure your organisation has an up-to-date incident response plan; that it includes remote working scenarios and has been tested to ensure it can be followed in the event of a data incident.