Remote working is unshackling workers from office desks, but how secure is it? To understand more about the cybersecurity landscape, Digital Journal spoke with Cindy Provin, General Manager at nCipher Security and SVP at Entrust Datacard. Provin considers how to secure an organization with the rapidly expanding remote workforce.
One common theme in terms of remote worker cybersecurity is with the ‘zero trust’ concept. As businesses are quick to ditch their office spaces, they will need to allow employees to have secure remote access to corporate systems as well as implement Zero Trust. This approach ensures that only authenticated users with compliant devices, whether corporate, personal or public, can connect to authorized applications over any network, whether on-premises or in the cloud.
In terms of other issues to consider as part of the remote working bubble, Provin begins by looking at how managers are deaing with the expansion in remote working, at the procedural level: “With the COVID 19 pandemic, businesses are creating new policies to enable more employees to work from home to keep them safe.”
This leads onto more general security issues, where Provin details: “Amid this remote work expansion, security and identity are now more important than ever. The challenge, however, is that telecommuters don’t have the protections of their corporate network. Though not a foolproof method of cybersecurity, organizations don’t always have enough VPNs to go around amid the sudden work-from-home movement.”
Picking up on one form of weakness – scam messages – Provin notes: Reports suggest phishing increased 667 percent between the end of February and late March. Organizations that do not use multi-factor authentication for remote access are particularly susceptible to phishing.”
Provin also looks at job roles within the corporation, and how security should be handled: “Chief information security officers must act now to safeguard their businesses and enable all knowledge-based employees to work from home on a permanent basis”, including addressing “the ongoing work-from-home movement with security-as-a-service (SECaaS) offerings, enabling users to benefit from security immediately and without a major upfront expense.”
