Covid-19 has triggered a transition towards a remote workforce across the globe. Along with the new work practices comes a variety of security challenges. In the new norm, business is being done over home internet service providers (ISPs), with unmanaged routers and printers with home automation systems in the background. This is leading to new security threats. Traditional security measures that have been used daily for years cannot protect a fully remote staff without adaptation. Let’s have a look at how corporates are dealing with this transition and ensuing security:
Structuring work from home policies
To begin with, businesses are working to put in place more structured work from home (WFH) policies to ensure the security of client data. As per NASSCOM companies have sought permission from their clients for enabling work from home and built internal crack teams to manage security and privacy.
Security of virtual private network (VPN)
Companies are now looking to secure data by deploying Virtual Private Network (VPN), which provides much more security as compared to home Wi-Fi network. A corporate VPN offers organisations the opportunity to provide their employees access to a secure end-to end encrypted connection to cloud resources on a company network. Moreover, enterprises are turning towards Secure Sockets Layer (SSL) VPN, which is more secure than the traditional VPN, to remotely access important network resources and connect remote users to corporate resources. On the other hand, companies which have its employees work on home networks are putting in place the basic checks by its Information Technology (IT) teams. For instance, telephonic guidance is provided to secure home routers, installation of anti virus software’s etc. Companies are also making arrangements to pay any excess bandwidth.
Internal training, educating employees
Internal training has become a part of the work routine in the new normal. Companies are putting in place security protocols relating to not sharing of passwords, shredding of printed documents, not creating back-ups, and not using unsecured networks. Companies are also hiring external organisations to educate the employees on cyber security besides conducting virtual IT audits.
Security of cloud-based or SaaS applications
As the majority of businesses are operating on Software-as-a-Service (SaaS) applications, companies are working towards making these tools secure, especially as data moves from corporate offices to the cloud to home offices and then back to the cloud again. Though SaaS applications come with an in-built security system, companies are hiring independent organisations that help them protect their applications by regularly scanning their various settings for security issues.
‘‘
Companies are putting in place security protocols relating to not sharing of passwords, shredding of printed documents, not creating back-ups, and not using unsecured networks.
Storage and data backup
Remote working has led to increase in companies adopting cloud-based data storage or backup methods. All your data on the remote laptops/devices is migrated automatically to a cloud server like Amazon S3, Back blaze, Microsoft Azure or Google storage and then synced to the organisation data centres, ensuring complete protection.
