Every business has to protect three critical assets – its staff, customers and its data, writes Jonathan Goldberg, Managed Services Director at Strategix Technology Solutions. With six-foot walls around our homes, we protect our physical property and household goods, but our defences are woefully inadequate when it comes to our digital property.
When Covid-19 struck last year, many businesses within a week were mandated to have their staff work from home. From an IT perspective, it meant slapping a band-aid on a wound. However, more than a year later, with many companies embarking on a process to get their staff back into the offices, IT assets remain at risk.
The reality is that remote working is here to stay. Locally and internationally there is a rising reluctance among workers to give up flexible work environments after the pandemic. Workforces need, and are going to demand, the ability to work from anywhere. If your business has people working from home, at the office or anywhere offsite, there are four critical elements companies must address.
- Protection. Few companies have policies to ensure web security maintains the same standards at an employee’s home as at the office. Home routers with default or easy-to-guess passwords could open the employee – and the company – up to compromise. The fact is, your employee’s home is an untrusted environment connecting into a corporate environment. Think about the number of connected devices to your router. Your children’s PlayStation. Their iPad. Their friend’s iPad. How do you as a company protect your data when most of your staff work from an environment where multiple people and devices connect to the router? It is simply out of corporate control and can compromise a company’s data.
- The Human Factor. A high percentage of breaches are due to human error. Most companies have policies governing the security compliance of their devices – password protection, additional levels of security, next-gen anti-virus detection and responses – but this is not the case when your people operate devices from home.
How do you govern access data? How do you verify and authenticate that the person accessing the data is an authorised employee? The threat of impersonation attacks is heightened during extended periods of remote work. The pandemic has also brought about an increase in crime. How many of your employees leave their laptops near open windows without even thinking about it? How confident are you that thieves cannot access your company data?
- Manage change. Before you rush in with new policies, make sure your users are ready for change. Your staff need to actively buy into policies that protect the company’s data while ensuring a heightened and improved end-user experience.
- Last line of defence. Remote working means each employee is potentially an entry point into the organisation’s processes and data. Employees are the last line of defence against cyberattacks. Management also needs to have a trusted technology partner that has their back. Companies need to create a balance of protecting data – both unstructured and structured data. Structured data often runs the business and needs greater protection, but unstructured data remains complex and challenging to manage due to the scale of growth, dispersed across all IT assets, from on-premise systems to the Cloud.
What can companies do?
Small to medium-sized business don’t have the time or resources to spend on digital solutions. This is where the value of managed service providers (MSPs) comes in. An MSP will proactively identify problems, mitigate the risk and provide the business what they require from a technology point of view, and then manage it all – from running patches in the background to keeping data secure to helping put policies in place to keep data safe or only allow certain users access.
This allows businesses to move from survival to a thriving mode in a post-pandemic world while knowing their critical information and assets are safe.