FINAL WORD
Policies and protocols have been
drafted and implemented as quickly
as possible, to maintain Business
Continuity, often with an immediate
focus on the bare connectivity and
security essentials needed.
The outbreak of COVID-19 and
the subsequent UK-wide
lockdown brought sweeping
changes to the workplace. For
many organisations, no matter
the industry or size, this meant a widescale,
unprecedented move to working from
home. There was no time for vulnerability
assessments prior to the mass remote
working, nor time to educate staff on how to
use the technologies effectively and securely.
Operationally this quickly became a very
challenging situation to manage.
Even for organisations that already
had some remote working policies in
place, it is unlikely robust plans were
there for the majority of the workforce
working and collaborating remotely on a
semi-permanent basis almost overnight.
Policies and protocols have been drafted
and implemented as quickly as possible, to
maintain Business Continuity, often with an
immediate focus on the bare connectivity
and security essentials needed.
Stopgap solutions with security risks
The lure of free cloud-based
video solutions
For many organisations, the access to and
broad choice and availability of free cloudbased
video communications solutions
such as Zoom, Microsoft Teams or Google
Hangouts has been a lifeline in allowing
business communications to continue whilst
employees work from home. Likewise, the
need for people to video call instead of use
mobiles soared, as people were desperate
to connect and see each other face-to-face
with the absence of physical contact and the
usual workplace chat and socialising.
Zoom, for example, saw a global surge
in daily users from 10 million in December
2019, to 300 million in April of this year.
These technologies have been an immediate
and necessary stopgap, they have come
with various security flaws, which seem to
have been overlooked in favour of keeping
businesses running
For example, the most high-profile
security flaw has coined the phrase ‘Zoom
bombing’ as online trolls have emerged
gaining access to meetings with links free of
passwords or any security access at all.
The rise of phishing emails
by cybercriminals
It’s not just video conferencing software
that’s opening up organisations to
security risks. Cybercriminals have also
been exploiting fear and anxiety around
COVID-19 to launch email phishing attacks,
spreading fake news and exploiting the
fear. Phishing email attacks related to
COVID-19 increased by 600% in the first
quarter of 2020.
Mobile phone-based phishing attacks
are harder to spot on mobile email, social
media and messaging applications because
of the smaller screen size coupled with the
inability to preview links and see full URLs in
mobile browsers. Also, by working remotely,
checking in with colleagues and asking them
if they have received certain emails is no
longer taking place.
Remote working in the ‘new normal’
It’s clear that the remote communication
technologies and home working policies
which have enabled organisations to
continue to function through the critical
months of lockdown have been a lifeline, but
many have been put in as short-term and
not long-term solutions.
It’s absolutely essential that
organisations work to secure their remote
working policies, looking at end point
security, email security, cloud applications
and who is using what. The answer is not to
put barriers in place to lock usage, more to
find a flexible and agile way to accommodate
these applications and their use in a secure
robust way using multifactor authentication
and an ongoing education programme with
all employees to help them keep abreast of
cyberattacks and spot the signs.
INTELLIGENT TECH CHANNELS
INTELLIGENT
TECH CHANNELS Issue 31
65