Many organisations similar to Law firm Clayton Utz, recruitment company Indeed, advertising company JC Decaux, and Foxtel Media have closed their doors for a period of time and transitioned staff to work remotely. Governments around the world continue to encourage companies to have a work from home policy, and only essential workers or situations where this is not possible to continue to go to the office or common workplace.
Remote working takes planning
When large numbers of employees are working remotely, minimising risk and business continuity becomes critical. Achieving this requires much more than simply ushering employees out the door with a notebook PC and smartphone under their arm.
Australian firms need to ensure they have a detailed remote working and risk management strategy in place. This strategy must cover everything from the equipment staff use to how and where they connect to company applications and data. Any failure to do this could leave the organisation vulnerable to cyberattacks that would further disrupt operations.
The strategy must address:
Business continuity: Assess the various functions and processes that have been affected by the shift to remote working and ensure each can continue uninterrupted during the coming months. Keeping risks to a minimum is paramount.
Devices: Determine what types of devices can be used by employees when working from home. Privately owned or company issued? Do they have appropriate security software installed?
Access: Consider making the use of virtual private networks (VPNs) mandatory for all remote workers. This provides a secure channel between their devices and the organisation’s central IT infrastructure.
Perimeter protection: Assess what perimeter protection measures you have to protect vital systems and data aside from VPNs. Consider adopting an enterprise-wide Zero Trust strategy that incorporates a strong identity foundation.
Authentication: Ensure there are strong, intelligent authentication mechanisms in place to help guarantee only those authorised to do so can remotely access central systems.
Continuity Needs More Than Passwords
While passwords have been a mainstay of IT security for years, organisations need to go above and beyond them to ensure security and business continuity for remote workers. Multi-factor authentication should become a must-have for all staff at this time.
As well as improving security and business processes can continue, multi-factor authentication can result in increased productivity. For example, continuous authentication can be undertaken using device location in the background without interrupting employees.
Strong multi-factor authentication works by bringing a range of authentication factors together. Typically, these include:
Knowledge: Something you know, such as a password or answer to a security question;
Possession: Something you have, like a smart card or token;
Biometric: Something you are, such as a fingerprint or face;
Behavioural: Something you do, such as how you type or hold your phone.
By embracing multi-factor authentication, organisations can reduce their reliance on passwords, or even dispense them altogether. This will ensure home-based workers remain as secure as possible at all times and business operations can continue.
It’s been a trend within Australian organisations for some years, however COVID-19 is accelerating the need to allow employees to Bring Your Own Device (BYOD).
Many organisations faced with having large numbers of people work from home at short notice may not have the time (or budget) to supply each employee with the equipment required and will be relying on employees to use their own computers and smartphones.
In order to make BYOD work smoothly and ensure productivity, organisations need to have central authentication services that can easily integrate with and leverage data from mobile device management systems (MDMs). Taking the time now to establish this infrastructure pays dividends as the need for remote working is likely to increase.
Identity Security Done Right
Every organisation in Australia, and certainly most around the world have been affected by COVID-19. Taking steps to ensure that employees working at home can remain secure and maintain their productivity will help to ensure business continuity in the months ahead. Even though COVID-19 may have been the catalyst, the move toward strengthening business processes was inevitable with the increase in cyber attacks. With the right solutions, what you do today can set you up for a better way of working - work from anywhere at anytime, on any device securely. Work life balance is being redefined right now, the opportunity to make the most of our learnings from this period is now. Find the balance while keeping everyone connected - reduce risk, increase staff retention and productivity.