Preparing for Tomorrow: Cybersecurity in a Remote World

The world is adjusting to a new reality. While working from home may be the norm for many tech companies, organizations of all shapes and sizes are now faced with the unique challenges that come from remote employees, trying to navigate how to secure their networks in an uncertain world.

Today, they are concerned with keeping the employees – and company – safe and connected, but as the days become weeks, and weeks are certain to become months, they also have to start considering their future plans.

A lot of people are wondering what their jobs will look like after the dust of COVID-19 settles, and it’s a good question. A friend recently mentioned he’s noticed the success of his remote employees and will be foregoing their corporate offices in lieu of a “drop in” office space when needed. I think this is a great direction and personally, since I’ve been working from my home office the majority of my career, I  strongly recommend more employers support this alternative.

Why should companies waste money on renting an office space if their employees can work efficiently from home? This not only is a cost savings, but this gives employees a better work/life balance – replacing the hours normally spent commuting with extra time at home with their families.

While it may not occur overnight, within a few years I anticipate most employees will ask for remote flexibility. Therefore, businesses must become open to the idea and plan ahead. While this won’t be an option for all jobs, and we’re thankful for those essential workers continuing their day to day throughout this crisis and after, the roles that normally insisted on being inside an office, nearby their colleagues, no longer have this requirement. With remote workers being more productive, employees have proven they can successfully do their “desk job” from home.

So, what happens next? Companies must begin to establish processes and procedures to make this critical shift. Start by looking at the costs involved. While there are savings to be had, there are may also be new cost factors to consider.

From a technical perspective, employees may need laptops, phones, monitors and other items most consider essentials to function properly in a home office. While this appears simple, how do you secure your networks and keep your data and employees safe when working outside the main office?

This is most often where companies struggle, making sure your systems are not being compromised. Setting up Network Access Control will track critical criteria to ensure the right person is signing in. We’ve already seen an influx of adoption in VPN and EDR services which will only ramp up more as companies get settled. The cost is low overall, and setup properly, they can provide immense value and security to companies.

For instance, setting up password controls, adopting two-factor authentication and strong encryption, and monitoring by geo location helps to determine baselines and look for anomalies. However, installing these solutions and use cases is not enough – you also need the staff to maintain and monitor these for suspicious activity.

It is essential to not only have the right tools in place, but also a staff to support it. We all know that cybersecurity staff is hard to come by – and even harder to keep. Companies may want an in-house team to manage this new endeavor, but they will struggle to fill those seats; unless they find the unicorn, they will end up hiring someone with limited experience and skillset, that is only able to cover a specific area or scope. They will also need several layers of protection so that they can monitor systems 24/7 and have backup if someone leaves.

Having an in-house team is a good start but for most sub-enterprises and medium sized businesses, you need to consider outsourcing some or all of your cybersecurity. As remote working has proven effective, using an MSSP or similar acts as an extension of your team, giving you direct access to skilled professionals with a large breadth of skills and knowledge of cybersecurity products.

It’s also been shown that cybersecurity services provides a significant cost savings which can be helpful during these difficult financial times. Finding the right partner not only saves cost, but also removes the hassle of trying to find, train and retain the staff to let your in-house team focus on other priorities.

In the end, companies must be prepared, for change is imminent. However, with the right perspective and plans, they can be prepared for its onset and be confident they’re setup for success in this new environment. While we are currently in a time of uncertainty, cybersecurity does not have to be one of them. By anticipating this change, you can be ready for the shift to a remote workforce.

What’s Hot on Infosecurity Magazine?