Navigating IT Security in ‘The New Normal’

The New Normal

At this moment in time it’s not CIOs, CTOs, or CDOs leading digital transformation for companies across the globe: it’s the global pandemic that’s forcing so many of us to stay indoors until the risk subsides.

With more people working from home than ever, everybody is adjusting to a New Normal: social distancing, travel restrictions, online interaction, and collaboration in business.

However, often individual employees (and businesses) getting to grips with remote working for the first time, aren’t aware of the security risks associated with their current and/or temporary setup – or the vulnerabilities related to many of the “new” tools they’re using.

Playing Catch Up

No-one could have foreseen the coronavirus having as big an impact as we’re now experiencing. Consequently many businesses around the world had to act fast – to ensure employees had access to the tools needed for remote working.

However, many couldn’t change their security solutions or network/computing capacity overnight. While different solutions exist, some are more effective than others. And what works for one organisation won’t necessarily work for another.

Businesses therefore need to closely consider what’s right for them, and need to ask some fairly complex questions about their security setup. For example: do they need to maintain a central internet connection for all employees or can they allow VPN split tunnelling?

The answers to these largely depend on the nature of their business, the way they handle data, the regulations in place (such as GDPR), and how they interact within the company and with customers.

But sometimes businesses don’t know what they don’t know.

Spending Doesn’t Mean Saving

A lot of the security concerns many companies face are unprecedented. The only people that stand to benefit from this are the many hackers taking advantage of the situation – who are using different software and media to quickly spread COVID-themed viruses, malware, and ransomware. Some are even usingthe videoconferencing tools that businesses are adopting to facilitate remote working, to steal passwords and data. And let’s not forget, users themselves, too often reuse previously hacked passwords for new services – which can cause (re)new(ed) credential hacking.

However, even the cautious can be targeted. According to reports, despite cybersecurity spend increasing, some 60% of security breaches could have been prevented if the available patches were applied – but weren’t.

What’s needed to mitigate these risks is a combination of strategy, insight, and expertise. After all, security isn’t one specific thing – it’s a combination of hardware security management and software management.

It begins with addressing basic questions like these…:

  • Do we know our installed base?
  • Is our hardware up to date?
  • Is the antivirus software up to date?
  • Have we deployed the latest patches and (firmware) updates?
  • Are our licenses correct?
  • Are our third party apps up to date?
  • How secure are the tools we’re using?
  • Are regular backups taking place? How often?
  • Do we test restores regularly?

…And quickly moves on to more advanced considerations, such as

  • Do we need to renew our network components?
  • Can our wireless network be improved?
  • Are we reachable via the office phone when the office is unmanned?
  • How can we facilitate remote working and provide access to the necessary data in a secure way?

To maximise their chances of success, companies need to conduct a complete IT and communication review. Not only will this mitigate immediate risks, but it’ll also put them in a better position when the coronavirus lockdown is over.

Ultimately, business IT is shifting in an unprecedented fashion. Keeping pace is not just a nice-to-have: it’s a priority for SMEs and Enterprises alike. But each company is different, and so are their computing needs.

Here at MobilityWorks, we can support your digital transformation; starting with a complete audit of your IT and communications infrastructure. We can then create a blueprint, cost outline, and plan of attack – which allows you to scale and strengthen your IT in a modular fashion and pace.? Book now your free consultation or subscribe hassle-free for regular updates.