With a global-level shift in ways of working came an immediate need for widespread digitisation and the priority was making it work as quickly as possible,writes Quentyn Taylor, Director of Information Security at Canon.
Factors like security, compatibility and functionality were secondary. But now that flexible working has become significantly more commonplace and protecting your business and customer data is once again front of mind, let’s look at the key ways in which flexible working has actually improved your security.
1) A decentralised approach has unlocked simplicities
You might not have realised it, because kicking off a decentralised approach at speed feels like everything has gone haywire, but you’ve already benefited from some incredible efficiencies as a result of the rapid change in working environments.
The most prominent being a built-in security resilience that you gain by simply having your team spread across multiple locations. Single issue events that impact flow of information, like a fire in the office that shuts down your headquarters or traffic issues that mean your main decision maker is unavailable at a crucial moment, have significantly reduced your infrastructure risk.
In fact, you’re actually increasing your flow of information. Having adjusted your systems to enable your employees to work from anywhere, you reduce the dependency on central locations and the associated information storage implications; you also open up multiple time zone working, giving you the ability to have consistent 24-hour monitoring in place.
It’s time to realise that minimising the surface area of your risk doesn’t necessarily equate to a proportional reduction in the risk itself. What decentralisation really highlights is that it’s how you manage it that counts.
2) The revolution in usage of cloud services has ensured stronger security measures
With a huge shift in digitisation has come a significantly increased take up of cloud services and accordingly, some massive improvements in security to counteract the risks of your teams logging on from non-trusted networks. It’s no doubt been a taxing job for your IT department, but the resulting benefits cannot be underestimated.
This enforced upscaling of security will have paid off for you already – and here’s the even better news – you are now extremely well set up for your security measures paying off for the future.
Those struggles you might have been having to get your email setup into the cloud are now behind you. You now have access to two-factor authentication safety measures and you’ve removed the complex infrastructure requirements of needing to VPN into your office network then back out again to access cloud services. Instead of every app you use needing to authenticate itself, you’ve, again, simplified the process to allow for one single authentication. This gives you much clearer visibility of how and where your employees accounts are being used, so you can easily identify and resolve any security breaches that might occur.
And your benefits here are not just within the security space. With all your systems shifting to the cloud, you may now also find that you not only need less physical office space, but less data centre space as well.
3) Video conferencing is a significant obstacle for attackers
One thing that we’ve all seen as a result of this global shift to flexible working is the huge rise in the use of video conferencing services. While many of these services have been around for years, we’ve certainly not seen the widespread take up that has occurred in recent months. From a security perspective that means they’ve so far not been a huge area of focus for attackers.
At this moment in time, it’s still relatively uncommon for an attacker to dynamically generate custom video content, it’s actually really quite difficult for them to find a point of entry. While it might be fairly easy to fool an email or a voice, the level of live deep fake work required to attack through video conferencing is especially challenging. So, while no system that is connected to the internet can ever be considered completely safe, as of today, using video conferencing as a tool positions businesses at a distinct advantage.
As always though, remain vigilant. As technology improves, so do the opportunities for attackers.
You can see remote working as either a security risk or a security advantage. It’s always going to come back to the way in which you choose to manage things. Decentralisation doesn’t have to mean disorganisation. Create a clear structure to cover flow of information, incident reporting, chain of command and, crucially, delegation in chain of command.
Digital evolution has been massively accelerated over the last year and all it takes to keep up is a few simple, practical steps.