Corner OfficeExpert OpinionSecurity

3 Steps to Ensure Security in the Remote Work Era

A whopping  82 percent of the IT teams registered a surge in cyber-attacks in 2020, a recent survey by a security firm reveals.As companies the world over increasingly digitalized their operations to maintain business continuity by enabling a remote workforce, they also exposed themselves to cybersecurity risks. Needless to say, as remote devices are typically not protected by enterprise-grade security, leaving not just remote workers but also the enterprise network vulnerable to be exploited by malicious actors.

According to the aforementioned report, 52 percent of IT teams said that their morale increased during 2020. Turning the adversity on its head, they took the challenge of heavier workload and more intense attacks as an opportunity to build their cybersecurity expertise.

Here are some of the top solutions that IT teams are implementing to unlock a safer and more secure remote as well as hybrid workforce.

  1. Enable multi-factor authentication

While VPNs allow employees to securely connect to the enterprise network, they are not immune to cyber-attacks, especially if they are not updated or do not use robust authentication. Organizations need to take measures to ensure that their employees have credentials that can only be used by them. Multi-factor authentication (MFA) is one of the best ways to secure an enterprise’s network by requiring two or more authentication factors before authorizing employees to access sensitive information. MFA can take the form of a TPM-enabled USB token, a biometric security device, or an authenticator app on mobile devices (in addition to the password).

  1. Educate employees with cybersecurity training and awareness programs

In the midst of increased attacks, a proactive approach to cybersecurity education and awareness is critical. Employees may not be aware that using a personal device in a public Wi-Fi hotspot can leave their data at risk for example. Employees may believe that if they are not dealing directly with client data or are not in a position of authority within the organizational hierarchy, they do not need to be concerned about data security. Organizations cannot presume that their staff are aware of cybersecurity issues which is why on-going employee education is critical

This is where a cybersecurity awareness program steps in to create a culture of security at the organization. An effective cybersecurity strategy includes a comprehensive training program for employees, as well as continuous compliance monitoring protocols. The training program should be developed to reflect the requirements of a remote workforce, including guidelines on how to use secure access solutions such as MFA.

  1. Establish a central repository for cyber intelligence

IT teams are also adopting new tools to help them detect and mitigate threats against the enterprise’s remote workers as well as their local office. This umbrella term can include everything from malware detection and web application monitoring to using advanced connectivity and collaboration tools equipped with robust cybersecurity features.

A central cyber security intelligence repository is critical to identifying the latest threats and rapidly responding to cyber-attacks. Enterprises need a cyber defense solution that leverages machine learning algorithms to correlate large amounts of data from disparate sources for faster identification of potential attacks.They can also use AI-powered security frameworks to proactively trigger automated response, without needing to mitigate the damage post-facto.

The purpose of a cybersecurity strategy is not just to keep cyber-attacks out, but also to ensure that the enterprise can stay ahead of the attackers. Even as IT teams are optimizing their cybersecurity practices to enable a remote workforce, the remote workforce will also need to become an active part of the solution, not the problem. There is no question that establishing a secure workplace will be key to ensuring the success of not just the enterprise’s digital transformation but also its business goals.

(Mathew Philip is Senior Director – Alliances & Business Development, APAC, LogMeIn and the views expressed in this article is his own)

Leave a Response