COVID-19 has reshaped the business world – with more employees working remotely than ever before – and there’s been no shortage of advice on how to navigate through this new landscape: from a quickfire adoption of connected devices, to the rapid uptake of cloud technologies, sifting through all the do’s and don’t’s can be daunting for IT and security teams.
In a world that’s constantly evolving before our eyes, these teams are at the crux of business continuity. Decisions made now will directly and significantly impact the long-term recovery trajectory and, ultimately, make or break businesses.
While nailing the security basics has been the focus for most companies, and rightly so, due to the uptick in remote working, organizations also need to make sure they’re resilient against new threats. In a constant game of cat and mouse, hackers will always find new weaknesses to exploit, especially as we continue to adapt to this new way of working.
It’s about moving beyond the basics of security and getting ahead of cyber-criminals so businesses can anticipate – and prepare for – their next move. So, how do to companies put themselves on the front foot?
While, pre-COVID-19, many organizations were rolling out digital transformation plans, the rapid shift to remote working during the pandemic has unveiled new cybersecurity vulnerabilities that have led to costly and persistent breaches. In the face of these vulnerabilities, businesses must learn to adapt to their new remote employee infrastructures as they move their organizations through the recovery.
Turn off the lights and move to the cloud
Cloud adoption was already gaining pace pre-pandemic, as more companies moved away from traditional IT data center infrastructures. According to Thales’ 2020 Data Threat Report - Global Edition, organizations were using an average of 29 different cloud services to manage data even before COVID-19. With more people working remotely, data centers will go “dark” at a much higher rate.
As businesses start to re-visit projects that were put on hold in the first few months of lockdown, cloud infrastructure and services will be inundated. IT and security teams must adapt by moving towards systems that help to reduce their reliance on engineers being physically in data centers and secure their data in the cloud. If organizations fail to adapt to this new reality, it could leave them unable to pivot quickly when faced with outside influences, new threats, or changing circumstances.
Implement central control
With the sudden change to remote working, it’s no surprise that some employees will have directly acquired for themselves the solutions and devices needed to function. However, these often aren’t often sanctioned or issued by the IT department – something that organizations often fail to address, according to the latest research from IDC.
It’s a situation that can prove to be unsecure and problematic, such as video conferencing apps that allowed meetings to be viewed externally or hijacked by internet trolls.
A huge concern for IT teams as we move into the next stage of the pandemic is managing the inevitable tension between enterprise control and business units, while making sure that the company isn’t exposed to emerging compliance and privacy risks. Data security decision makers need to catchup with this new way of working, while at the same time making sure they have visibility and control over the connected devices and apps their employees are using.
It’s therefore essential that IT teams sanction collaboration tools and cloud services that can be centrally monitored and controlled.
Remove the cloak from your invisible data
The shift to a remote or hybrid working strategy leads to a much wider distribution of data and a far more complex digital environment in which sensitive data becomes harder to locate. IT teams are being challenged to deal with an unprecedented “data sprawl” at an enterprise level, as operations shift to the cloud and employees use numerous devices to access internal applications.
Without a centralized view of all the structured and unstructured data these devices generate, unseen gaps in security are created – so it is essential that this data is located, categorized, protected and encrypted.
Following these key steps is crucial for companies hoping to survive the pandemic and build long-term success during regeneration period. They will allow IT teams to make better decisions about security and progress towards resiliency in our hyper-connected, remote new world.
As we head into a complex phase of COVID-19, these efforts will enable organizations to remain agile and responsive to changing regulations, new economic conditions, and the inevitable business challenges along the way.