Is your hybrid workforce really secure from emerging threats?

6


7

Covid-19 instantly transformed business, forcing millions of people to become full-time remote workers without any chance to prepare.

As we adapt to the post-pandemic age, businesses are now considering both what their long-term workplace will look like and what the consequences of their choices entail. The age of hybrid working has dawned.

Moreover, companies will be thinking about how they can ensure their new ways of working doesn’t give hackers opportunities to create chaos.

Gartner also estimates that remote workers will represent 32% of all employees worldwide by the end of 2021. This is up from 17% of employees in 2019.

The technology which supports the hybrid workforce usually runs on hybrid IT – a mixture of on-premise software, hardware and computer processing that runs in public and private clouds.

For many enterprises, the sudden switch to remote working and cloud technology meant there was little time to consider the long-term implications of cyber security.

Hybrid working is decentralising IT and expanding the enterprise perimeter. IT departments must secure the perimeter while ensuring that workers have seamless access to a growing number of applications in public, private clouds and traditional IT systems that are stored on company premises.

As data traffic on company networks continues to grow and cloud IT infrastructure becomes more crowded and complicated, companies face new security challenges.

Workspace and endpoint management software that gives companies an overview of their growing number of applications and their security risks and helps control employees’ access to them, will become an increasingly important part of the post-pandemic approach to cyber security.

According to separate research, hybrid working may be increasing the cost of cyber security breaches.

The rapid shift to remote operations and hybrid during the pandemic appears to have led to more expensive data breaches, according to research published in 2021 by Ponemon Institute.

One reason why hybrid work is causing cyber-security challenges is that the “attack surface” for cybercriminals is much bigger.

So how can companies mitigate the cyber security risks of hybrid working?

Review and secure your endpoints

Cybercriminals scour company networks for weak spots in cyber security. Endpoints, or entry points – used on devices including laptops, tablets and mobile devices – are a favoured target.

Endpoint information software and security services will give your IT administrators an overview of all endpoints in your organisation. However, is the software robust enough to handle your hybrid workforce? Key questions to ask your supplier should include:

  • Is your endpoint security tool able to detect advanced security risks such as ransomware as well as malware?
  • Is there a single cloud-based console where your admins can manage your endpoints, investigate incidents, and triage alerts?
  • Is your endpoint security tool software-driven, cloud-based, and constantly updated with the latest improvements in security software?

Update your employee training in cyber security

The majority of data breaches are caused by human error, research suggests.

Employees need to be better at spotting a phishing attack, know how to securely use a virtual private network (VPN), lockdown their home network, and heed data protection regulations, including Europe’s General Data Protection Regulation.

Ditch passwords

Multiple passwords can be a nuisance because they are hard to remember. They can also be easy for hackers to guess. To increase security, organisations typically require employees to update passwords on a regular basis and adhere to minimum requirements to create strong passwords.

In the long term, biometric technology is likely to render passwords obsolete. In the meantime, companies can make their passwords harder to crack by using a password manager to create strong passwords and store them in a secure location and using multifactor authentication and digital certificates for identity verification and secure communication.

Use security software that is designed to protect the cloud

Cloud security software can give your IT staff a real-time view of security threats to your cloud computing and web service. The software lets you act quickly to pre-empt a security breach or minimise damage if one has already occurred.

Your security teams can use the software to restrict uploads of sensitive data to unsanctioned cloud services (shadow IT), block downloads of malware-infected files, or even limit access to various cloud services based on device status.

Securing the hybrid workforce will not require an overhaul of security technology or scrapping proven security methods and standards. However, companies’ rapid shift to private and public clouds during the pandemic and the continued proliferation of devices and apps that employees use to access company data and networks will require a shift in strategy.

The enterprise perimeter has expanded and that is creating new security risks. Endpoints will need to be secured. Employee security training will need to be updated to incorporate the risks and rewards of hybrid working. Software that can verify employee identity and control access to a multiplicity of apps and devices will help organisations keep the benefits of a hybrid workforce without cutting corners in cyber security.

Learn more about Dell Technologies and VMware solutions: Unified Workspace | Dell Technologies United Kingdom