Stay secure even as offices close: how CIOs can empower their workforce both securely and remotely

In the past decade or so, more people have become empowered to work from home (WFH), largely due to the embrace of cloud technologies and mobile devices. But the extraordinary circumstances of a global pandemic are making it so that working from home is not just an option for the workforce, but a strongly recommended course of action, and in many cases a requirement, to ensure everyone’s safety. By Brian Foster, SVP of Product Management for MobileIron.

Organisations without a remote working policy need to create one quickly, and those with one in place will be looking to scale their arrangements to accommodate the unique problems WFH presents. Many employees will rely on their home networks and utilise their own devices in order to keep working. On top of that, CIOs and IT departments have to handle an extensive security perimeter that can no longer be described in the traditional way. Security systems should be reviewed to ensure that while the workforce is empowered to work from the safety of their home without jeopardising the security of the enterprise.

Upscaling teleworking capabilities

The rapid escalation in the number of employees who are working from home is creating several challenges for employees. Businesses should look to empower employee productivity regardless of the location of their desks. To do so, CIOs and employees alike will need to have confidence in the right tools and software to securely access corporate data.

A TUC report found that 1.6 million employees regularly worked from home in the UK in 2017. While there are no exact statistics on how many employees are working remotely since the COVID-19 pandemic began, it is estimated this number is significantly higher than the 6.1% of the UK workforce who did so a few years ago. This means that companies that did not previously have a cyber security policy that accounted for home working are now forced to create one fast or leave the enterprise in a vulnerable state. Organisations more experienced in WFH will need to quickly adapt to the increase demands.

As such, CIOs must quickly and securely scale the devices under their organisation’s control. An efficient and painless way to do this is to instate a Bring-Your-Own-Device (BYOD) policy. A BYOD policy assumes employees are going to be using their personal devices for business use. This means there is an added risk to the enterprise since employees will be accessing sensitive corporate resources from networks and devices which are not restricted in a physical perimeter that IT departments can monitor and secure.

Securing personal devices

Using a comprehensive unified endpoint management (UEM) platform as part of their BYOD policy means IT departments can secure corporate data on multiple devices from different locations and monitor and mitigate threats from afar. Out-of-date programmes and operating systems, unsecured Wi-Fi networks and a lack of antivirus software are all potential risk factors.

In some cases, partitions can be created so that the device is split into two user personas: the work persona, and the personal one. In this way, the employee has full access over the personal side of the device, while the work side is kept separate and safe from threats from websites, programmes or applications that are used on the personal side.

Securing personal networks

Apart from securing devices, CIOs can also enact policies that make use of virtual private networks (VPNs) with split tunnel capabilities, in order to protect the enterprise from threats brought about by the different Wi-Fi networks employees connect to. Employees’ home Wi-Fi routers can all be configured in different ways which can allow varying levels of protection and a split tunnel VPN is the most secure way for employees to access company networks.

Split tunnel VPNs provide connectivity to resources behind the corporate firewall so mobile employees can access the productivity apps and content they need without jumping through security hurdles to get there. CIOs should choose a VPN that can be established over any network for scalability. Personal and malicious apps are blocked so that only business data flows through the VPN, which provides greater protection for enterprise data and user privacy.

Ensuring continuous protection

Another significant step CIOs should take to empower employees to work remotely and securely is the deployment of a threat detection management tool. This protects the device and the data it contains from threats at an application, device and network level, from leaky or malicious software and from phishing attacks. It does this by constantly monitoring for threats that exploit security gaps and user behaviour, even when the device is offline.

A threat detection management tool also works to immediately remediate potential threats and breaches by instantly notifying users or taking action to quarantine devices. There is no need for users to activate or deploy the software as it can be remotely managed by IT departments, which also ensures users are unable to modify or remove the threat detection tool from their device. In this way, the enterprise offers employees an additional layer of security which enables them to continue being productive without worrying about compromising important business data.

CIOs need to ensure they enrol new users and all their relevant devices under management to authenticate them. By utilising additional security measures such as VPNs and TDM tools as part of their security policies, they can ensure full protection within a boundaryless security perimeter. Completing the onboarding process for the entire workforce that is working remotely might be a time-consuming process, but it is vital this is done as soon as possible in order to ensure the security of the enterprise. Since cybercriminals are already exploiting the relaxed security measures brought about by the sudden need for organisations to shift a large part of their workforce to teleworking, as shown by a Europol report, these security measures must be enforced swiftly.”

By Barry O'Donnelll, Chief Operating Officer at TSG.
By Dr. Sven Krasser, Senior Vice President and Chief Scientist, CrowdStrike.
By Gareth Beanland, Infinidat.
By Nick Heudecker, Senior Director at Cribl.
By Stuart Green, Cloud Security Architect at Check Point Software Technologies.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Damien Brophy, Vice President EMEA at ThoughtSpot.