FEATURE: MOBILE MANAGEMENT
///////////////////////////////////////////////////////////////////////
The modern workforce
is more flexible and
collaborative than ever
before, with technology
enabling employees to
work from anywhere, at
any time, on any device.
But these new remote
workforces are not
without their security
risks. We spoke to industry
experts about some of the
biggest cyberthreats and
how companies can best
address these.
W
What are the main cybersecurity
challenges that remote
workforces need to overcome?
NICOLAI SOLLING, CTO, HELP AG
Securing the remote workforce has always
been a challenge and there are a number
of reasons for that. First of all, historically
there has been more focus on protecting the
organisation instead of the remote user. As an
example, organisations have deployed more
and more sophisticated networks security
components such as next-gen firewalls and
anti-malware solutions, which typically inspect
network traffic within the organisation.
However, users take their laptops home, they
are vulnerable as they are outside of this
protection. From a technical standpoint, we
have been able to address this for a number
of years by backhauling remote users’ traffic
to the headquarter via VPN but organisations
today are still worried about user experience
and bandwidth consumption.
Another element is the actual user behaviour,
arising because users may have more versatile
use of their devices when they are outside the
organisation as compared to internally.
An example here could be the ‘road warrior’
who is on a business trip and needs to take
care of personal tasks on his corporate
device – potentially introducing risk.
The third and perhaps most important
challenge is consumerisation of the devices
that remote workers are utilising. We
sometimes call it Bring Your Own Device
(BYOD) but the fact is that it is extremely
challenging to enforce security settings on a
device which you do not own and control.
All this said, the ability to work from
anywhere and at any time positively
impacts both employee productivity as
well as job satisfaction. In today’s business
environment therefore, it is imperative for IT
to support and secure the remote workforce.
So, what can organisations do to secure their
remote workforce?
Employee awareness
and training
Last year, social engineering was the initial
attack vector used in 65% of the threat
advisories that our Managed Security
Services (MSS) team published. Recognising
that humans still present the weakest link in
the cybersecurity chain, the first task should
be to raise cybersecurity awareness within
the workforce. This should include making
employees understand the implications of
Securing a
remote workforce
46
INTELLIGENTCIO
www.intelligentcio.com