Upscaling teleworking capabilities
The rapid escalation in the number of employees who are working from home is creating several challenges for employees. Businesses should look to empower employee productivity regardless of the location of their desks. To do so, CIOs and employees alike will need to have confidence in the right tools and software to securely access corporate data.
A TUC report found that 1.6 million employees regularly worked from home in the UK in 2017. While there are no exact statistics on how many employees are working remotely since the COVID-19 pandemic began, it is estimated this number is significantly higher than the 6.1% of the UK workforce who did so a few years ago. This means that companies that did not previously have a cyber security policy that accounted for home working are now forced to create one fast or leave the enterprise in a vulnerable state. Organisations more experienced in WFH will need to quickly adapt to the increase demands.
As such, CIOs must quickly and securely scale the devices under their organisation’s control. An efficient and painless way to do this is to instate a Bring-Your-Own-Device (BYOD) policy. A BYOD policy assumes employees are going to be using their personal devices for business use. This means there is an added risk to the enterprise since employees will be accessing sensitive corporate resources from networks and devices which are not restricted in a physical perimeter that IT departments can monitor and secure.
Securing personal devices
Using a comprehensive unified endpoint management (UEM) platform as part of their BYOD policy means IT departments can secure corporate data on multiple devices from different locations and monitor and mitigate threats from afar. Out-of-date programmes and operating systems, unsecured Wi-Fi networks and a lack of antivirus software are all potential risk factors.
In some cases, partitions can be created so that the device is split into two user personas: the work persona, and the personal one. In this way, the employee has full access over the personal side of the device, while the work side is kept separate and safe from threats from websites, programmes or applications that are used on the personal side.
Securing personal networks
Apart from securing devices, CIOs can also enact policies that make use of virtual private networks (VPNs) with split tunnel capabilities, in order to protect the enterprise from threats brought about by the different Wi-Fi networks employees connect to. Employees’ home Wi-Fi routers can all be configured in different ways which can allow varying levels of protection and a split tunnel VPN is the most secure way for employees to access company networks.
Split tunnel VPNs provide connectivity to resources behind the corporate firewall so mobile employees can access the productivity apps and content they need without jumping through security hurdles to get there. CIOs should choose a VPN that can be established over any network for scalability. Personal and malicious apps are blocked so that only business data flows through the VPN, which provides greater protection for enterprise data and user privacy.
Ensuring continuous protection
Another significant step CIOs should take to empower employees to work remotely and securely is the deployment of a threat detection management tool. This protects the device and the data it contains from threats at an application, device and network level, from leaky or malicious software and from phishing attacks. It does this by constantly monitoring for threats that exploit security gaps and user behaviour, even when the device is offline.
A threat detection management tool also works to immediately remediate potential threats and breaches by instantly notifying users or taking action to quarantine devices. There is no need for users to activate or deploy the software as it can be remotely managed by IT departments, which also ensures users are unable to modify or remove the threat detection tool from their device. In this way, the enterprise offers employees an additional layer of security which enables them to continue being productive without worrying about compromising important business data.
CIOs need to ensure they enrol new users and all their relevant devices under management to authenticate them. By utilising additional security measures such as VPNs and TDM tools as part of their security policies, they can ensure full protection within a boundaryless security perimeter. Completing the onboarding process for the entire workforce that is working remotely might be a time-consuming process, but it is vital this is done as soon as possible in order to ensure the security of the enterprise. Since cybercriminals are already exploiting the relaxed security measures brought about by the sudden need for organisations to shift a large part of their workforce to teleworking, as shown by a Europol report, these security measures must be enforced swiftly.”