It has been several months since health and government guidelines mandated office closures around the world. In that time, the coronavirus pandemic has dramatically accelerated the pace at which organizations across industries had been transitioning into digital businesses. Employees have had to find new ways to be productive while working from their kitchen tables and CIOs and IT administrators have had to ensure those workers are equipped with the same tools and resources they had available in the office, without compromising security.
Previously more of a business “trend,” remote work will likely become the default for many organizations. According to Upwork, the expected growth rate of full-time remote work over the next five years has doubled, from 30 to 65 percent. However, truly digital business is about more than just enabling employees to work from home. IT must build systems and processes that make distributed business operations and information sharing both seamless and secure. This is why it’s crucial for CIOs and IT administrators to create plans now that help remote employees work collaboratively with access to the files and content they need, while minimizing risk and improving the security of company data.
- Q&A: The security considerations of remote working (opens in new tab)
IT’s top remote work challenges
As the effects of the Covid-19 began rippling through the business world, many networks became overwhelmed due to the sheer volume of employees working outside the traditional enterprise perimeter. Most business networks were simply not equipped to support remote work en masse. In addition, more people in each home are now relying on the internet -- one parent participating in a webinar, the other on a video call, and kids connecting to school networks -- all competing for a limited amount of bandwidth.
Even though workers today have plenty of communication tools at their disposal (Outlook, Slack, Zoom, etc.), slow or unstable connections can be an instant productivity killer. For many, this has led to ad hoc, cobbled-together solutions that typically involve using hotspots on personal devices or relying on email or shadow IT cloud apps, like free file storage services. While a quick fix to accomplish necessary to-dos, this approach switches network access on and off, multiplying access points and diminishing (if not eradicating) adherence to security policies. As a result, these shortcuts increase exposure to data breaches, ransomware, and other security risks.
To provide remote workers with safe access to the files and content they need most in a way that’s both convenient for them and keeps IT teams sane in the process, CIOs and IT admins should consider these strategies:
1. Don’t Fully Rely on VPNs for Security: Although VPNs have been a longstanding method for privately and securely sharing data across networks and distributed locations, they can frustrate end users and increase security risks. VPNs can and should still be used to provide point-to-point access to a company’s network for core infrastructure tasks, but CIOs and IT admins must also provide remote workers with alternative solutions for accessing and sharing files securely that don’t hinder productivity. To that end, organizations are increasingly finding value in multi-factor authentication (to ensure only the right users have access to sensitive information) and a single point of access for company files and content (to simplify and secure file storage and sharing). Tools like these can help remote workers quickly and securely get access to the content they need without being burdened by slow VPN connections.
2. Strengthen Data Protections to Prepare for the Worst: While most businesses plan ahead and have disaster recovery plans in place, it’s difficult to measure the effectiveness of these precautions until they are put into practice. As the rapid shift to a remote work environment has illustrated, companies now face new security challenges they hadn’t previously considered, such as employees circumventing IT policies, greater use of personal devices to access company data, and more. As IT teams continue to respond to these challenges and prepare for new ones, they need to enhance their data protection efforts. Some ways to do this include implementing advanced antivirus, endpoint defenses and ransomware protections to avert off-network attacks, and strengthening file permission policies through end-to-end encryption to ensure all shared files and folders remain private.
3. Scale Monitoring and Enforcement for Key IT Policies: Centralizing network security compliance and governance is much easier for CIOs and IT admins when everyone is in the same location, but with teams currently operating from home using unfamiliar networks and devices, it is much more difficult to enforce key IT policies. So how can IT teams manage security with so many environments outside their control? They need to create network usage guidelines that comply with industry and government standards and leverage automated policy enforcement to ensure employees are operating safely and securely at scale. For example, consider an employee using his personal home computer to download an email attachment from his work email to temporarily work on that document. The company now has the liability of potentially sensitive data that resides in an environment that they don't have any control over. Leveraging a single content management platform can also go a long way toward ensuring that IT policies are applied and enforced uniformly regardless of the location of each employee.
4. Modernize Legacy Content Infrastructure: The move to remote work has also raised questions about how content infrastructure impacts data security now that company data and the employees accessing it span a wide variety of locations beyond the traditional office environment. This means IT teams have much more data and content to manage and protect than what is traditionally housed on-premise or in the data center itself. While some IT teams can modernize their content infrastructure by moving to a centralized, cloud-based management system, others are bound by costs or contracts that require them to preserve legacy systems. But settling for outdated content infrastructure simply isn’t tenable as remote work continues to present new productivity, security and compliance challenges. In these cases, organizations can adopt hybrid solutions that seamlessly integrate new cloud-based content management systems with legacy hardware to ensure that IT has a greater degree of control over content management and file sharing.
The business disruption caused by Covid-19 has left remote workers in companies of all sizes feeling overwhelmed and stretched thin, and the pressure is even greater for CIOs and IT admins whose responsibility it is to provide workers with safe and easy access to the files they need to be productive. A key takeaway of this crisis is that it has highlighted that all digital businesses must transition away from antiquated and disparate content management systems in favor of a more centralized, intelligent, and secure approach. Though it can be a significant undertaking for IT teams to adapt to this new world with new strategies, systems, and policies that support remote work, those that do will see tremendous benefits over the long term. The impact of remote work on modern business has only just begun. Is your organization making the necessary adjustments?
- The best antivirus software of 2020 (opens in new tab)
Kris Lahiri, co-founder and the Chief Security Officer, Egnyte (opens in new tab)