Our Voice

The ABC’s Of Threat Hunting.

Learn More

5 Ways to Evolve Your Remote Working Cyber-Security Strategy

Traditionally, the split between office-based and remote workers within a typical business has been weighted in favor of the former. This primarily office-based configuration has enabled IT, directors, to create policies tailored for recognized and pre-configured office devices, while only having to worry about securing and monitoring a small handful of other devices used by remote workers to access the network from outside this environment. 

But now, following the outbreak of Covid-19, the scale has tipped the other way. A business’s data, devices, and users are now dispersed. The crisis also caught many businesses off guard, and in order to carry out their day-to-day work, many users may have to use a personal device to access the company network. As such, new security concerns have arisen regarding where, how, and who is accessing data, with the security risk posed by a poorly managed mobile fleet of devices now greater than ever.  

Business continuity plans have now become business as usual, and with a return to traditional configurations either months away or uncertain to happen at all, I’ve compiled some key areas businesses should consider to evolve their cybersecurity strategies beyond short-term measures.  

1. Secure devices

 At this time, it’s difficult for IT teams to get their hands on new devices in a scalable, cost-effective way. At the same time, many users may have already shown a preference for using their own devices and proved that they can use these devices productively. Under these constraints and circumstances, IT teams should aim to evolve their cybersecurity strategy to effectively manage these new devices accessing company data for the first time. Implementing measures such as ’conditional access’ helps to strike a balance between user experience and security, offering the best of both worlds. For example, businesses can grant a bring-your-own-device (BYOD) user access to modify data on the network, but not to download it – potentially saving the company from a data leak.   

2. Short-term planning vs long-term strategizing 

There are many risks to rushing a quick policy change to allow for remote working for the first time. Over the years at CWSI, we have seen IT teams either open too many systems and applications to users too quickly- potentially exposing them to security risks – or tie-down too many things in response -creating a poor user experience and leading to shadow IT and its associated risks.  

When it comes to planning for the next 60, 90, or more days, a balance between both extremes is required to develop a sustainable, long-term remote working strategy. This doesn’t always mean upheaval. As a first step, consider what’s already in place that can either be upgraded, rolled out on a wider basis, or implemented better with an upskilled workforce. In many cases, we have been able to save time and money for customers by configuring things already present but either unused or undiscovered in their software license bundle. 

3. Embracing collaboration tools 

In March, Microsoft reported that in a single day over 2.7 billion minutes of Teams voice calls took place that’s over 80 years of talk time in one day on a single platform. For many of these companies, Teams likely was a tool that was in place for certain projects or groups and was then suddenly rolled out to all. Having embraced collaboration tolls like Teams during this period, it’s very possible users may not want to return to ‘the old normal’.  

Unified communication tools like Teams, Slack, and Zoom, enable new efficiencies and ways of working that will remain beneficial long after the current crisis. It will be very difficult for employers to turn away from these tools once the crisis is over, so businesses need to consider how to evolve and facilitate such collaboration tools in the long-term.  

4. Turning business continuity into business as usual 

All companies should build business continuity and disaster recovery planning into their overall strategy. Given the scale of the current change to business, it’s a good time to evaluate those plans once more. Businesses that may already have had remote working tools shelved for a scenario such as we are in now, can not only see if those tools were up to the job but make ongoing tweaks and refinements to improve their plans. 

If lockdowns are found to be effective, until vaccination is found for Covid-19, it is likely that rolling lockdowns will be our best defence when it comes to flattening the curve. The possibility of future lockdowns makes it even more important to replace a stopgap disaster recovery solution with a more robust strategic plan. Businesses should evolve their remote working solution to be capable of handling sudden spikes, but also be flexible enough to be scaled up or down and potentially be kept in place moving forward due to user preference.  

5. The perimeter has shifted 

CWSI has been working in this field for quite some time and if there’s one salient point we like to impress upon people when it comes to mobile working, it’s that your perimeter is no longer your office firewall. The data perimeter is now the device itself; if a device outside the corporate firewall can access company data, then traditional security methods are far less effective against attacks. 

Businesses should take time to consider where their data now sits. They may now have hundreds of micro-offices posing a threat to their security. As part of a security audit, it is a regular practice to assess and audit the environment certain devices and data are stored in; do businesses now need to start factoring in an employee’s home network security into a comprehensive audit? 

Ultimately, the coronavirus pandemic is not a time for businesses to reconsider remote working as a nice-to-have or stopgap business continuity solution, and instead plan how to evolve mature and robust remote working strategies capable of enabling enhanced collaboration and new ways of working. 

“If lockdowns are found to be effective, the until a vaccination is found for Covid-19, it is likely that rolling lockdowns will be our best defence when it comes to flattening the curve. The possibility of future lockdowns makes it even more important to replace a stopgap disaster recovery solution with a more robust strategic plan.”

Philip Harrison, CWSI CTO & Co-Founder

Relevant Resources

Our Voice

The ABC’s Of Threat Hunting.

Learn More

Our Voice

What is Microsoft’s Extended Detection & Response (XDR)?

Learn More

Technology Talks

Managed Security Services

Listen to CWSI’s CTO , Mark Mitchell outlining the benefits of implementing a Managed Security Service.