Skip to content

Why the global pandemic and an instant move to remote working has made companies vulnerable

The coronavirus pandemic has impacted the business world beyond belief, but largely businesses have been able to adapt and continue operations. How has this impacted organisations security posture and what can be done?

The coronavirus pandemic without hesitation pretty much obliterated ‘business-as-usual’ and allowed very little time for companies to plan for an enforced remote working making organisations vulnerable.

The result? – Many businesses had to find work arounds to maintain business operations.

The consequence – Security policies were difficult to adhere to with business continuity taking priority. This meant that an organisations’ cyber postures were weakened, due to a lack of visibility in to their new network and its vulnerabilities.

The rise of the opportunist

The war between cyber security and those trying to exploit it is constantly raging. Security companies and expert individuals innovate and develop around the clock to ensure when new vulnerabilities are identified, the spotlight is shone directly on to them, ensuring they can continue to be defended against going forwards.

When the environment changes or is impacted by external (or internal) influences, the new landscape needs to be understood and secured. This gap in time between the change and the securing provides an attractive opportunity for the opportunistic malicious actor to exploit the gap in defences.

It’s imperative that when these changes occur and especially when they cannot be planned for, they’re understood, scoped and secured as quickly as possible to ensure remote working does make your company vulnerable.

As the old saying goes: ‘You can’t secure what you can’t see

Visibility is the key to security, once you understand the architecture, systems and processes, you need to secure and you can construct a robust strategy to do so.

But what if you can’t?

The immediate shift to remote working means a majority of business connections now lie outside of normal working estates. This means that unless the correct policies, systems, architecture and technology is in place to work securely in that way, there are blind spots.

Business policies that were made with a largely office-based workforce in mind, will need to be reviewed to ensure they are suitable and sufficient. The way users connect to systems may have changed and it’s vital that these new connections are understood and secured. The change of architecture needs to be understood, users are now working from home, meaning they are no longer connecting via your office network, at a minimum the endpoints need to be secured, but secure connections are just as important.

All of the above relies on visibility and your understanding of the situation, environment and your users, to make informed security decisions and ensure remote working doesn’t leave you vulnerable.

User error accounted for 90% of cyber data breaches in 2019

With data taken from the Information Commissioners Office (ICO) and analysed by CybSafe, 90% of data breaches were a result of human error, this is up from 61% and 87% in 2018 and 2019 respectively.

With this in mind, user training requirements need to be understood and met, as a priority.

With a new way of working, which potentially involves the use of new technologies (E.g File sharing or communications) users need to be aware and up-skilled on the new threats they face and how to carry out their role securely.

Clear communication and explanation on new company security policy’s must be provided, with the opportunity to receive feedback and concerns to ensure no stone is left unturned.

The problem with uncertainty, ambiguity or a lack of clarity is that users will try to find work arounds. Users will use different communication channels, file sharers etc, that sit outside if approved company policy. This is often done with best intentions, as a means of being more productive, but the reality is that these choices can cause damage. You need to understand their requirements and cater for them to ensure security policy is upheld.

What do you need to do to ensure you do not fall in to the category of remote working has made companies vulnerable? Click Below

Top three Security considerations with a remote workforce.

Sign up for ‘NCL Insights’

Your trusted source for innovation, technology insights, and market trend analysis.

Your Questions Answered – IT Strategy for 2021

Your Questions Answered – IT Strategy for 2021

The World is Changing…   Spotify has recently joined the…

Passport control at airport

How a zero-trust approach to cyber-security, complimented with AI machine-learning, is essential in protecting our businesses from modern cyber-crime.

Remote working may be here to stay, and businesses…

Log in credentials

Why improving password hygiene should be your new year’s resolution.

Traditionally these sorts of resolutions have revolved around improving…

SPEAK WITH OUR EXPERTS TODAY

If you’d like to book a free consultation with one of our experts, get in touch today.