In the rush to implement work-from-home processes, organizations may have missed out some important principles that can facilitate productivity.
With so many people now working from home, the corresponding surge in app usage, unmanaged devices, web traffic, and accessing internal resources is making security a much trickier prospect.
Last year’s urgent shifts in business practices had thrust IT departments into the spotlight, giving them more influence than ever over how businesses should view this critical function. Executive boards worldwide were clamoring to establish new remote work processes as quickly as possible, and they were (and should still be) willing to provide the budget needed to achieve it.
However, that does not mean getting it right is easy. Even with the budget and backing, any effective security solution needs to achieve the dual goal of protecting against threats and safeguarding sensitive data without impacting on business productivity or performance.
Four tenets to follow
In an office environment, things like exercising good email discipline and not clicking on suspicious links/attachments were fairly simple to uphold, but when workers went remote, the discipline went out the window. This situation looks set to remain for the foreseeable future.
According to one Gartner report, 74% of companies did not want their employees returning to an office. As such, cybersecurity professionals have had no choice but to adapt as quickly and efficiently as possible. The question is, how?
The four central tenets that organizations can follow in order to achieve the best possible threat protection and data security in place without compromising on worker productivity while WFH are:
- Consolidation
Start by moving all on-premises deployments into the cloud where they can be easily managed. Next, centralize policy management using technology such as cloud access security brokers (CASBs) and secure web gateways (SWGs). Finally, look to adopt a modularized and flexible approach to policy engines wherever possible. - Simplification
Keeping processes as simple as possible further removes the chances of vulnerabilities going unnoticed. As mentioned above, eliminating on-premises solutions and migrating to the Cloud keeps everything together, helping to avoid a fragmented security environment that is much harder to control. - Cost effectiveness
Effective consolidation and simplification allow for a much more cost-effective approach. Deployments and configurations can be done in days instead of weeks, and will allow businesses to rapidly find the balance between security, availability and productivity. - Future proofing
Finally, ensure any new approach is suitably future-proofed for scale. Doing so means that businesses can adapt quickly and dynamically to any changes in workload, while eliminating any backhaul traffic bottlenecks that can impact productivity over time.
By adopting these tenets, organizations that are WFH can quickly implement a new, readily deployable security solution that uses real-time data loss prevention to prevent data leakage on downloads and limit access from any risky, unmanaged assets. Such solutions are also able to distinguish between managed and unmanaged devices, and use advanced threat protection for uploads, downloads, and data-at-rest— significantly improving security at every stage of the process.
Undoing the rushed cybersecurity
As the business world continues to adapt to the new way of working, security mistakes of the past 12 months should no longer be repeated.
Rather than taking a panicked scattergun approach, organizations must review any cybersecurity measures made in a rush. They should now take their time and select a consolidated solution, following the tenets laid out here are a starting point of a powerful cloud-based security solution that is fit for purpose—both now and in the future.