INDUSTRY KNOWLEDGE
Is your business fit for the age of remote working ?
THE COVID-19 PANDEMIC AND LOCKDOWN HAS LED TO AN INCREASE IN REMOTE AND HYBRID WORKING , AND THE TREND IS EXPECTED TO STICK . BUT BUSINESSES NEED TO PREPARE FOR POTENTIAL NETWORK RESILIENCE AND SECURITY ISSUES DUE TO HOME-WORKING , AS WELL AS INCREASED DEMAND ON DATA ACCESS .
AS WE MOVE FORWARD INTO AN ERA OF A NEW WAY OF WORKING WE HEAR FROM DAVID GREENWOOD , CEO AT ISN SOLUTIONS AND EXPERT IN NETWORK RESILIENCE AND SECURITY , AS HE HIGHLIGHTS FOUR KEY AREAS TO CONSIDER TO REALISE GROWTH , EXPAND PRODUCTIVITY AND GUARD AGAINST THREATS TO BUSINESS DURING THIS TIME OF RAPID CHANGE .
Home working may increase vulnerability to breaches A recent report from cybersecurity firm Malwarebytes claims that 19.8 percent of businesses surveyed have faced a breach , since lockdown was introduced , due to an action from a remote worker and that nearly a quarter of those businesses ( 23.8 percent ) faced unexpected expense as a result .
Costly and business-compromising attacks could result from the hacking of even one unsecured device in a single employee ’ s home . With both personal and company devices sharing the same home network , the risk of planted malware , ransomware and banking Trojan software transferring from an employee ’ s personal device over to a company machine and going on to infect the entire company network is high , especially if the employee has not been trained in good security practice . It ’ s also extremely difficult to discover , intercept or monitor any threats from personal devices that may have transferred over home networks .
For this reason , it ’ s likely that an increasing number of businesses will implement zerotrust security architecture ( where the system is assumed to be compromised , and staff access to data is severely restricted on a needto-have basis ). However , the draw-back of this approach is that poor planning can slow speed , productivity and collaboration .
An IT managed service provider ( MSP ) can advise on and deploy the most appropriate security architecture to meet current business need and , in many cases , the solutions to these issues are more cost-effective and affordable than may be assumed . In fact , companies may already have licenses that have unused tools or features that can assist . Most solutions in today ’ s world are cloud-based and ‘ as-aservice ’, which incur monthly OPEX fees , rather
24 Fuel Oil News | November 2020
David Greenwood than one-off capital investments on software and hardware .
These flexible , as-a-service packages also provide assurance that the solution is always maintained by the provider , with the latest security updates and patches , allowing those running the business to focus on growth without having to worry about the risk of company data and operations being compromised .
With the additional demands of remote working , It ’ s now critical that businesses examine their systems architecture to assess whether it needs to change to cope , especially since the UK government guidelines have recently reverted to the recommendation for employees to work from home if possible and this disruption to businesses and short-notice alterations to government guidelines look set to continue for many more months .
Phishing scams should be top priority Criminals are using the climate of uncertainty , confusion and fear to increase the effectiveness of phishing scams . By the end of February this year , phishing emails had spiked by more than 600 percent , with the majority using COVID-19 related topics to lure users .
Training staff in how to recognise phishing scams can save businesses from a potentially costly experience down the line . In addition , any discovered threat should be dealt with immediately to halt or minimise potential damage . In these turbulent and busy times , one option is to consider outsourcing IT support to a MSP to benefit from around the clock support with neutralising security threats . Criminals don ’ t only work office hours , and with particularly dangerous malicious software , such as ransomware , immediate action can make the difference between the breach being a small issue or a company-wide disaster .
The threat of the insider In August , it was reported that a hacker had attempted to bribe a Tesla employee to plant malware in the company ’ s network . In that case , the employee was trustworthy , but it follows a disturbing growth of attempts to bribe or trick employees into sabotage or releasing private and sensitive company information . Recently , a hacker group successfully stole business data in six countries by posing as companies ’ HR departments in an attack that preyed on employees ’ trust of their employer . As companies grow more knowledgeable about good security hygiene and practices and seek to secure systems , hackers have increasingly turned to exploiting a company ’ s people , who may lack knowledge of good security practices and how to recognise a scam .
Unfortunately , home working introduces more risk of opportune ‘ insider ’ attacks , particularly in shared housing accommodations . A housemate could potentially discover an employee ’ s passwords to company equipment , and if the home workspace is shared , it ’ s possible to simply look over a person ’ s shoulder as they log in , without a busy employee noticing .