Remote working is a trend that’s showing no signs of slowing down, especially given the current circumstances as thousands of employees globally are now working from home in some capacity. Even outside of current events, research shows the number of remote working jobs on offer has more than doubled in the past four years. This indicates that businesses are even taking steps to meet employees’ remote working expectations, in particular, those of the younger generation of employees. These workers expect to access work much in the same way as they access social media – anywhere and anytime. Considering that millennials are predicted to make up 50 percent of the global workforce by 2020, it’s clear that businesses across all sectors need to make strides in supporting remote and flexible working, even outside times of crisis.
However, when facilitating this anywhere, anytime model, it is vital that businesses don’t overlook security. As cloud has become the de facto IT set-up for organisations, the traditional IT perimeter of the past has disappeared. Now, from Microsoft Teams, to Trello, to Evernote, companies are spoilt for choice when it comes to cloud-based tools to support remote workers. Further, cloud services such as video conferencing, instant messaging, and apps allow workers to collaboratively edit documents and keep remote colleagues working together closely and productively, but security must also be factored in. Outside the four walls of the office, remote workers are far more vulnerable to cyberthreats. As the current global situation requires more employees to work from home, what better time for organisations to consider how they can secure their remote workers?
An unclear security situation
When it comes to remote workers, organisations cannot be certain of how their employees are accessing the corporate network. While it might be safe to assume that employees are currently using secure Wi-Fi at home, what about under normal circumstances? What if they decide to work in a café for the afternoon? Is that Wi-Fi public or private? Are they using a VPN? How many devices do they use to access work documents and are they all password protected? All in all, when it comes to the security of remote workers, there are many variables for organisations to consider – but there may be a more straightforward answer than most imagine.
Many businesses will find that there are robust, useful security features that are embedded in the platforms and services have already paid for and use to support remote workers. Because most organisations have used third-party security providers for years, embedded security features are often overlooked or disregarded in favour of legacy incumbent security products. Additionally, as there is a high number of features that come with enterprise software suites, this can sometimes mean really useful security features are lost in the noise. However, organisations can enjoy huge benefit from identifying and using the cloud-native security features already in their arsenal.
Looking at what is already on offer
For instance, many Microsoft 365 (which includes Office 365, Windows 10 and Enterprise Mobility + Security) users may not be aware of the many embedded security features that comes with the product. Intune, for instance, allows organisations to manage devices across iOS, Android, Windows and Mac with one endpoint solution – so no matter what device a remote worker opts to use, it can still be secured and managed effectively by the organisation. Tools such as Microsoft Secure Score – a feature that gives organisations a score on their security posture, provides insight that helps improve security across businesses’ infrastructure, data, apps and devices. Considering Office 365 has 155 million active users, many more organisations could benefit from exploring the security features that it offers.
Ultimately, employees working remotely may be out of sight of the central organisation, but they should not be out of mind. Considering workers may have to work from home for a prolonged period this year, and that 36 percent of organisations have experienced a security incident as a result of the actions of a remote worker, protecting email, users, applications and data should be a primary aim for organisations. It is a continuous challenge to secure the ever-expanding attack surface and stay ahead of motivated bad actors and ever-changing regulations. Managing identities and access to cloud resources, securely managing mobile devices, detecting and responding to targeted attacks and insider threats, and defending against malware, is a tall order for security teams.
By exploring what features they may have already paid for, organisations can help lighten the load of their security teams and help protect against advanced threats, and personal data from loss, unauthorised access, or disclosure. At the same time, they will save themselves the task of finding new security tools and integrating them across their entire network and infrastructure. Not only will this save time and cost, but it will afford businesses peace of mind in a period of uncertainty that their remote and flexible workforce is secured.
Alex Dalglish is UK Services Director at SoftwareOne