The New Satellite Office

By Michael Asher,  Chief Information Officer RFA

With many employees working remotely firms now have having many “satellites” offices and the potential for a host of remote security and privacy issues. We explore what the most glaring vulnerabilities in this area are and how firms can they protect themselves and their employees.

What are the most glaring vulnerabilities in this area for businesses using remote or hybrid workforces?

From an organizational perspective, data loss is, by far, the most prevalent. We have recently seen digital transformation rates peaking to levels reminiscent of the .com boom. Companies are rapidly progressing through these digital transformation initiatives, often without proper technical and operational due diligence. We have seen a significant increase in cloud adoption rates since the beginning of the COVID-19 pandemic focused on enabling remote access, communication, and collaboration capabilities for companies as they shift to a distributed remote-work model. Enabling these capabilities without proper consideration of security implications can potentially lead to unauthorized data exposure.

Now more than ever, practicing cybersecurity hygiene is of paramount importance for every technologist. Unmanaged devices that do not have corporate security protections or policy enforced leave devices exposed to malware attacks and enable employees to store and transmit corporate data using unapproved mechanisms. Once a device is compromised, user credentials and data stored locally on the device are at risk. Employees working remotely are often connected via a home or public network, allowing malware propagation to corporate networks.

Gone are the days when people felt secure taking physical copies of their presentations after a meeting. Now, data collaboration and file-sharing technologies are increasingly integrated into modern business solutions. Because of the rapid adoption of remote collaboration solutions, the industry is still catching-up on adopting corresponding security measures. Ensure technology solutions enabling employees to share information are accompanied by security capabilities, such as watermarking and encrypted communications, and provide ongoing employee training on appropriate use.

How can they protect themselves and their employees?

Many firms should consider investing in VDI (virtual desktop infrastructure) technology while they roadmap towards public cloud transitions. VDI deployments accommodate accessibility from most modern personal devices in-use by consumers over a secured browser-based Internet connection and do not require corporate configuration or management of the end-user device. These deployments achieve availability and accessibility while maintaining corporate data security posture.

To ensure company executives can continue sleeping at night, deploy containerized mobile device management (MDM) solutions to whitelist specific applications that can access and interact with corporate data, and restrict access from unapproved applications. MDM solutions facilitate conditional access based on pre-defined factors such as device type and geolocation. While it is critical to implement these security technologies, effective deployment must include ongoing monitoring and alerting. If you are not subscribed to a managed security monitoring service, find a trusted technology advisor to ensure alerts are captured and appropriately actioned.

What roles does technology play in meeting these challenges?

For many firms, COVID-19 transformed lonely technologists into company superheroes. The adoption rate of digital transformation projects has soared. From big-data projects ensuring single sources of truth, to teleconferencing and data sharing, large technology initiatives are in-flight across every firm striving to stay ahead of the competition. The pandemic has altered many traditional corporate executives’ viewpoints who viewed technology as a cost-center rather than an opportunity that enables their business to thrive in these challenging times.