Nothing new here – managing a remote workforce | #phishing | #scams


Managing a remote workforce’s IT is no different to a traditionally dispersed workforce, says Scott Davidson, Managing Director of ISN Solutions.

With the impact of the COVID-19 pandemic wanning, its legacy is something that has fundamentally changed the makeup of many businesses today. With lockdown came remote working, and now since many have returned to the office, countless companies are choosing to continue a hybrid working environment where employees split their time between home and the office. This approach can require a major overhaul of a business’s IT infrastructure, but just how novel is remote working?

Scott Davidson, managing director at ISN Solutions argues that remote working is nothing new, and that Managed Service Providers (MSPs) have been addressing cyber security, productivity, and business development concerns in traditionally dispersed workforces for many years. 

With dispersed workforces, flexibility is crucial. In many industries remote workforces have been commonplace for some time. From energy to mining and from retail to banking, resilient IT infrastructure and security have been priorities for businesses wanting to equip its employees with the best and most secure equipment, and to manage the transfer of critical data from remote, satellite locations back to HQ.

These principles apply to any company looking to transition into a hybrid workforce, and much insight can be gained from the successes of these traditionally dispersed operations. Not least, how to manage breaches, scams, threats and of course, how to maintain or increase productivity.

Vulnerability to breaches

A 2021 report from cybersecurity firm Tenable claims that 74% of organisations attribute recent business-impacting cyberattacks to vulnerabilities in technology put in place during the pandemic. These costly and business-compromising attacks could result from the hacking of merely one unsecured device in a single employee’s home. With both personal and company devices sharing the same home network, the risk of planted malware, ransomware and banking Trojan software transferring from an employee’s personal device over to a company machine and going on to infect the entire company network is high, especially if the employee has not been trained in good security hygiene.  In addition, it’s extremely difficult to discover, intercept or monitor any threats from personal devices that may have transferred over home networks.

For this reason, an increasing number of businesses now implement zero-trust security architecture (where the system is assumed to be compromised, and staff access to data is severely restricted on a need-to-have basis). However, the draw-back of this approach is that poor planning can slow speed, productivity and collaboration.

An MSP can advise on and deploy the most appropriate security architecture to meet current business need and, in many cases, the solutions to these issues are more cost effective and affordable than business leaders may think. In fact, companies may already have licenses that have unused tools or features that can assist. Most solutions in today’s world are cloud-based and ‘as-a-service’, which incur monthly OPEX fees, rather than one-off capital investments on software and hardware.

These flexible as-a-service packages also provide the company with the assurance that the solution is always maintained by the provider, with the latest security updates and patches, allowing directors and C-suite executives to focus on business growth without having to worry about the risk of company data and operations being compromised. 

Phishing scams 

Criminals prey on the uncertainty surrounding sub-standard IT infrastructure and protocols often seen in mismanaged hybrid workforce. The number of phishing sites has increased by 27%, and this form of attack is the most common, constituting 83% of all breaches. 

Training staff in how to recognise phishing scams can save businesses a potentially costly experience down the line. In addition, any discovered threat should be dealt with immediately to halt or minimise potential damage. To avoid any unwanted and unnecessary hassle, companies may want to consider outsourcing IT support to an MSP to benefit from around the clock support with neutralising security threats. Criminals don’t only work office hours, and with particularly dangerous malicious software, such as ransomware, immediate action can make the difference between the breach being a small issue or a company-wide disaster.  

The threat of the insider

There was a disturbing growth of attempts to bribe or trick employees into sabotaging or releasing private and sensitive company information during the initial lockdowns. Now we are transitioning to what normal now is, companies have grown more knowledgeable about good security hygiene and practices and seek to secure systems, but hackers still increasingly try to exploit a company’s people, who may lack knowledge of good security practices and how to recognise a scam.

Unfortunately, home working introduces more risk of opportune ‘insider’ attacks, particularly in shared housing accommodations. A housemate could potentially discover an employee’s passwords to company equipment, and if the home workspace is shared, it’s possible to simply look over a person’s shoulder as they log in, without a busy employee noticing. 

Multi-factor authentication (MFA) may help to reduce the risk of insider attacks from people in the immediate vicinity, as combining authentication factors can make a machine less vulnerable to opportune break-in attempts. An IT MSP can deploy robust security measures, including MFA and firewalls, and back-up systems to ensure yours and your customers’ critical data is always protected.

Concerns

Many raise concerns about productivity in a remote environment citing, lack of specialised tools and equipment found in the office, as a major issue hampering effective work. However, in my experience of working with industries where remote workforces have always been the norm, when staff are supported with the right IT infrastructure, productivity, customer retention and business reputation can be enhanced with a hybrid workforce. An MSP can provide a bespoke solution tailored to the intricate needs of your workforce, ensuring that they can perform their job efficiently without being limited by substandard IT provisions. 

The technology and products available now have facilitated remote working. A major development that will be crucial for hybrid work environments, is Windows 365. This puts Windows in the cloud, making ‘your PC’ available from any device, anywhere. Being able to access your PC through an application or web browser on any device improves accessibility regardless of location, benefits from Cloud based security and has clear scalability to fit the dynamic mould of your business’s IT infrastructure. Developments like this makes remote working seamless for any business. 

Staff need to be empowered to be able to perform to a high level, not only for the purpose of staff wellbeing, but also for the positive impact on customer retention and business reputation. As we move away from the disruption caused by the pandemic, business leaders are now considering investing in technologies to upscale productivity and efficiency. 

A plethora of tools exist to facilitate automation of repetitive administration, freeing up staff time to focus on tasks that increase business value. Additionally, new technologies such as artificial intelligence (AI) are playing an ever-increasing role in upscaling business operations, particularly in the use of chatbots in customer service and providing insights to augment digital sales. 

However, it’s important not to rush into decisions and to continue to assess the efficacy and potential security risks of software and applications before committing to use. The term ‘Zoom-bombing’, in which malicious individuals listen in or interfere with private meetings, became well-known during the pandemic, as companies were forced to turn to virtual conferencing software at short notice. 

Outdated IT systems not only run the risk of becoming obsolete and hampering productivity; it can present a serious security threat to business operations, finances, and its people, should a costly scam damage business reputation and hamper growth. Businesses absolutely need to be prepared to cope with the demands of a modern workforce and an onslaught of new security and financial threats, particularly while many companies are still vulnerable whilst recovering from the fall out of the lockdown period.

Many industries with dispersed workforces have required remote working for years and the principles behind it are transferable and a bespoke solution should be created for each business’s unique needs. A ‘one size fits all’ approach is haphazard and can leave gaps in cybersecurity architecture, however, with a true understanding of a business’s complexities, a company’s IT, and the transfer of critical data, can be as robust as it was before the pandemic affected the way we work. But to many industries, particularly those that have adopted a remote working model for many years, it’s nothing new.



Original Source link

Leave a Reply

Your email address will not be published.

thirty five − = thirty one