Putting security at the heart of the agenda in the new normal

The move to remote working has introduced a surge of digital transformation across different sectors. Many businesses who had previously thought that prolonged remote working was unachievable have seen that collaborating in this distributed environment is not only possible, but actually can improve productivity and company performance.

As guidelines around returning to work continue to change, it’s unlikely that we’ll see entire businesses return to their offices anytime soon. Remote working, for the near future at least, is set to continue for most.

Remote working identifying security flaws

Whilst working remotely is beneficial in some ways, it has exposed serious security flaws in existing IT infrastructures. The mass adoption of cloud-based software to support remote collaboration means that many people now have access to personal and sensitive data in their own homes. Ensuring that data is protected is critical in order for businesses to remain compliant with GDPR regulation and avoid hefty fines, but this task is not simple when workers are using their home Wi-Fi network instead of a business grade connection.

When the pandemic first started, many businesses went into reactive mode, putting the necessary measures in place to keep operations running smoothly. For some, this meant adopting non-approved applications to support activity, but there’s potential that this undermined the security posture of businesses.

Cybersecurity breaches have increased markedly during the coronavirus crisis, rising by 273% this year compared to last. There is an emerging and pivotal need to re-evaluate businesses’ security infrastructure and invest in competent solutions to protect customers against rising threats.

Conduct a full security audit

Before making any purchasing decisions, it’s imperative that organisations conduct a full audit of the existing security posture. A Cyber Maturity Assessment will analyse the ins and outs of the current set up, recognising where strengths currently exist and identify vulnerabilities which need to be improved.

The temptation to rush into decisions is huge. For example, there is an emerging trend in the market of customers considering moving their security posture to Zero Trust. This is a relatively new and evolving approach to security which removes inherent trust from the network, treating every connection as hostile in the stretched network perimeter until connections and users can be trusted.

This is innovative technology which customers will require guidance with; companies considering this approach will need support to redefine their security policies and incorporate this new technology. CPs should play that consultative role here, providing advice and recommendations for organisations to enhance their current set up. For instance, they may suggest that a business should retire their existing systems in favour of a more advanced security solution, or shift to a new methodology such as zero trust.

Educating people

People are often a company’s most vulnerable asset. They can easily be manipulated by cyber criminals, falling prey to scams which enable hackers to access a wealth of sensitive data. Companies cannot become complacent when it comes to training employees. Both the workforce and cyber security policies need to be regularly updated to reflect new risks.

Companies can alleviate the pressures on internal security teams by partnering with a security MSP. They will ensure that the most up-to-date information on potential threats and vulnerabilities is communicated to the employees, giving them the confidence to identify and avoid illicit activity, which provides an additional layer of protection.

A solution for today, and tomorrow

Security solutions can’t stand still. Any system a company invests in needs to be able to adapt and address changing threats. This includes coping with alternative working practices, user personas and modifying the configuration of the system depending on what the data looks like and how it is stored.

We’ve experienced an unprecedented level of digital transformation in just a few short months which has transformed how we work and store information. In some instances, businesses have been left playing catch-up, working with IT and security systems which are poorly equipped to deal with the new normal.

Cyber criminals are exploiting these vulnerabilities, so it’s time for business to adapt. CPs should emphasise the importance of partnering with a security services provider, in order to re-evaluate existing systems, educate people on how to identify and deal with threats, and invest in solutions that protect businesses as we work from home.