Since the outbreak of COVID-19, a huge portion of workers have suddenly been forced to work from home to stay safe. This has brought about considerable security challenges for business leaders and their staff. The FBI revealed that reports of hacking attempts have risen significantly by three- or four-fold since the global pandemic began. We’ve seen leading video conferencing app, Zoom fall victim to a hack which saw the credentials of half a million accounts stolen and sold on the dark web.
IT departments are feeling the full force of the pandemic, stretched by the vast uptake in new tools and devices amongst staff to work remotely. With more businesses than ever taking quick action to deploy remote working tools, the threat of compromise at the hands of opportunists also reached a peak. Simultaneously, the surface for a potential attack of businesses globally has expanded, creating multiple vulnerabilities that hackers will be looking to utilise. Despite the need for a quick fix, security should remain top of every decision maker’s agenda.
Risks to the remote working setup
The speed and volume of demand for domain-joined devices to deliver secure remote working have skyrocketed and many VPNs have not been able to cope. Around 26% of UK businesses are still relying on VPNs to grant the user access to corporate networks and applications, even for those that run in the cloud. This is for cybersecurity reasons, as it is critical to protect data when transferring from user to cloud applications by routing it through network security appliances in the office.
However, VPNs have inherent security issues that can be exploited to allow attackers to gain access to a network. A weak identity or an unguarded device can open up access to valuable information through the VPN to unwanted and often undetected visitors. In a time where access to on-premise devices and networks is limited, the significant housekeeping to stay on top of patching VPNs is by no means scalable or effective.
Another option is remote PC access, which enables virtual access to a switched on device located in the office via hosted desktops. As far as security concerns go, having fixed static PCs switched on in an unmanned office should get the alarm bells ringing. Yes, this technology is easy to deploy, but leaving computers with business-critical data on and unattended for large periods is a clear and obvious threat to any organisation’s cyber security. There is still uncertainty over when workers will return to offices and for every day they are not present, risk to networks and data increases.
Threats to the personal device
In most cases, employees have been able to work on their own devices whilst being a home. In fact, according to a recent study, 24.5% of respondents say they were working on a personal laptop and 58% added that they have saved work documents on a personal device. Without a secure remote working solution, companies could face a massive security attack. Organisations are placing a large amount of trust on its employees to make sure they are working safely and efficiently, and in many cases are relying on them to have anti-virus software installed on their devices to protect their networks and files from compromise.
Software-as-a-Service (SaaS) applications are being used more than ever in the workplace to deliver easy access to applications across an entire workforce. However, granting access to these applications on an unprotected or unmonitored device can create no-end of security trouble – from web browser hacking, key logging and even insider threats when SaaS apps are accessed on a network and device outside of your control. But how do you mitigate these risks and build a resilient security framework that keeps your business safe and employees productive?
Safeguard security in the cloud
Cloud connected solutions can eliminate many of these concerns. Hosted technologies are on an upward trajectory and are being used as a vehicle for secure flexibility. Moving data and information onto an off-site secure hosted environment allows employees to access all of their work from wherever they may be in the world, using whichever device they wish. With data always held in one secure hosted environment, security is maximised as data is never downloaded to an individual device, therefore reducing any risks. Therefore, businesses do not rely on their employees for security patching, with updates applied centrally and to all users simultaneously.
Hosted Desktops also add another layer of convenience for employees, through easily accessing all of their emails, files and applications. With data held in off-premise data centres with no physical access to systems on static office devices, staff can work securely on their preferred device, which has been known to increase productivity. As long as employees have access to an internet connection, they will also have full access to this cloud-based workspace. By using a cloud solution, businesses can offer a secure single sign-on to all files, applications and desktops. This also allows IT teams to monitor and control all user interactions.
Solutions such as Citrix Workspace can also support users inputting security first, by securing SaaS applications through two-factor authentication, sophisticated access controls and disaster recovery for optimal data protection. This creates safe and secure workspaces to give business leaders peace of mind that they are minimising risk to their organisations and protecting cost-effective BYOD strategies. Some cloud-based collaboration tools can also offer another layer of security by design. For example, Microsoft Teams offers a unified set of tools that comes as part of the Microsoft 365 suite (formally Office 365), which not only allow for collaboration on documents but prevent siloed data for enterprise level security.
As the future leans towards a permanent remote working policy, companies should consider a cloud-based solution to keep its data and its employees safe. By investing in Hosted Desktops, companies can create robust remote workspaces and ensure that staff are working securely with multi-factor authentication and security patches – as well as removing dependence on employees to perform updates and manage valuable data. With remote working here to stay on a global scale, cloud connected solutions are better equipped to cope with rapid demand and help businesses prepare for tomorrow, today.
By Pete Watson, CEO, Atlas Cloud.