Key considerations for securing the remote workforce
Organisations across the globe have had their business continuity plans put to the test, as social distancing has forced remote working to become a new norm.
Never before have organisations raced so fast to accelerate their capacity to support telecommuting at scale. What was once a flexible work arrangement has quickly turned into a necessity to facilitate ongoing business operations.
Cybercriminals have been quick to catch on and have been exploiting the situation since lockdown measures were first introduced with phishing emails and other social engineering tactics.
With telework security front of mind for many organisations, we’re looking at the key considerations for securing the remote workforce.
Understand where your customer is at
By now most organisations have bitten the bullet to enable their employees to work from home in response to social distancing guidelines. In fact Gartner’s March 2020 HR survey of 800 global HR executives found that 88 per cent of organisations have encouraged or required employees to work from home.
While it’s commendable to see the acceleration of such arrangements, fast deployment can result in serious security implications.
There are many elements to consider: availability of resources; access, authorisation and authentication controls; and VPN and endpoint security are just the tip of the iceberg.
Ensuring the correct configuration of systems and adequate policies is a key step to ensuring effective security. This should also extend to data compliance, disaster recovery and incident response.
Partners can engage their customers to help them gain complete visibility over their remote infrastructure to address any security gaps.
Arrow works closely with various leading security vendors who offer security solutions to this end. You can view our security vendor portfolio here.
If your customer hasn’t yet made the move to a remote workforce, now is the time to lay the groundwork. Partners can help their customers to determine their existing resources for enabling remote telecommuting and to assess the associated risks.
Implement and test the solution
Once any security gaps have been identified, the next step is to implement and test a solution to address those gaps. The ideal situation is to be able to deploy a solution without hindering security or productivity, but this requires deep expertise.
There are multiple professional services partners can leverage to ensure the correct configuration and deployment of a security solution for a remote workforce.
In addition to distributing security solutions, Arrow offers a range of professional services to enable partners to achieve a seamless implementation, first time around.
In fact Arrow has long provided remote engineering support through Arrow Assist.
Whether resources are low or you want to add a second layer of assurance, our engineers can provide remote engineering support for:
- IT assessments and health checks
- Testing, configuration and upgrades
- Cloud migration support
- Connectivity and security
- Strategic advice and consultation
- Technological and solution support for all our vendor products.
With most organisations having already shifted to the remote workforce, now is prime time for organisations to monitor their new environment and to conduct a full risk assessment.
By leveraging Arrow Assist, partners can help their customers to quantify risk and prioritise actions to ensure their environment is adequately set up for threat prevention, detection and response.
Employee security awareness training
Now more than ever employees working remotely must keep their cyber-hygiene top of mind to help thwart cybercriminals who are looking to take advantage of these unprecedented times.
According to Spiceworks 2019 State of IT report, awareness training and live tests together are “considered the most effective solution for preventing security incidents” across numerous industries.
Through security awareness training, organisations can equip their employees with the right knowledge and tools to help keep them from falling prey to cyber attacks, such as unsolicited emails.
As a partner, you can help educate your customers on how they can influence behaviour change to create a security culture that mitigates risks associated with human error and manipulation. This blog offers insights on how you can help your customers to implement a compelling security awareness training program.
Securing a new way of life
There is no clear directive for when employees will be able to return to the office or their usual workplace. And, even when that time comes, it’s possible some employees will want to retain some form of remote working flexibility.
These factors combined make it a perfect time for organisations to review their business continuity plans.
The ability to adapt to change and to do so quickly will continue to be an essential skill.
Security partners can help by consulting their customers on a long-term strategy for securing an agile workforce under changing circumstances.
Organisations will want the agility and flexibility to return to the traditional workspace but also to roll into remote work again with minimal notice, both while maintaining productivity and security. They will want the ability to adapt to changing circumstances while also maintaining regulatory compliance for data.
Arrow is playing a key role in helping partners and their customers counter the challenges of cybersecurity in the digital age.
Our approach to security starts with visibility, because you can’t secure what you can’t see.