Securing the future of work

When companies think of security, they often think of passwords, encryption and hacking. While all important considerations, with the transition to flexible, hybrid, or fully remote work, there are many new aspects that come up in the security equation that must stand up to corporate standards and requirements, as 78 per cent of security and IT leaders say that remote workers are harder to keep secure.

The challenge for many SMEs is to balance software and technology that is secure, user friendly and at the right price point to meet the needs of the business while keeping users — employees and customers — happy and engaged. Most importantly, simplicity in useability should not correlate to less security.

Balancing protection and user friendliness

The workforce today are very familiar with messenger, video telephony and social media apps from their personal lives, and expect the same intuitive usability for enterprise applications in the workplace.

However, these platforms must also be secure to provide safe and private digital spaces for calls, meetings, virtual events and more. Data privacy and security are essential to protecting personal and confidential information, and a mature business continuity plan will ensure that all employees are fully functional when working online, with additional security protocols like multi-factor authentication and zero-trust security to manage employees’ external devices. The IT department must prioritise working with vendors that ensure external security teams and all external providers remain proactive and dedicated to upholding industry-standard cybersecurity.

There are three key considerations for business leaders when it comes to managing their technology stack and selecting the right solution. In fact, with modern tools, technology can provide the air cover that a chief information security officer would require at a large company. These tools start with zero-trust security:

1. Consolidation of business applications

Communicating and collaborating with teams and stakeholders needs to work flawlessly, or businesses risk losing customers. However, this is often one of the largest hurdles IT teams have to tackle. According to research by Frost & Sullivan, commissioned by flexible work solutions provider GoTo, IT departments’ workload increased 76% in 2021 versus 2020 due to flexible work models. And 43% said IT has become more difficult overall as a result of these new, flexible ways of working.

SMEs that are fortunate enough to have a dedicated IT team are also at risk of overworking their IT people. Companies with no IT people may fall behind more tech-capable competitors. The panacea is to consolidate multiple business applications and deploy a solution that unifies everything into one to empower IT teams and employees everywhere. In fact, the same research reported that 95% of companies have either already consolidated or have plans to consolidate their tech stack in 2022.

As employees easily access files, programs and the network from wherever they are, IT must ensure it has seamless, reliable access to any machine to make hybrid work possible for everyone in addition to providing fast, frictionless remote IT support management, on any device, any network, anywhere.

Management teams are more dedicated than ever to securing flexible work and employee devices, in order to reduce friction with external applications and facilitate a simple technology environment for their employees. Yet, technology should be economical.

For example, in years past, companies had to install expensive PBX hardware to manage calls, regardless of call volume. In the era of software-as-a-service (SaaS) based in the cloud, smaller companies can fine-tune their phone system to their precise needs, paying only for the technology they actually use. They can also bundle key tools in one unified solution for phone, meeting, messaging, and contact centre. SaaS can yield savings for smaller enterprises while providing the scale required for rapid growth.

2. Implementation of security controls

Protecting the communications and support infrastructure, and the data it contains, requires the use of industry standard security controls. Using logical access control or a perimeter protection tool, administrators can reduce the risk of unauthorised application access or unauthorised network traffic.

Centrally stored cloud solutions have the advantage that data is stored centrally and IT managers can create backups automatically and freely. In addition to malware protection and encryption for written and verbal communications, it is also important to have comprehensive vulnerability management and monthly network scans. This way, administrators always have an eye on the remote work solution.

Security and reliability should be a top deciding factor when evaluating software tools. This is especially critical for SMEs working with limited IT resources. Different working styles of employees in a company creates numerous opportunities for vulnerabilities. Take remote access and IT support tools. Without zero trust, bad actors can use such tools to push malware into customer devices operating under the assumption that anything inside is to be trusted. This can’t happen with zero-trust based support software.

3. A dedicated security team

A mature business continuity plan ensures that all teams are fully functional even when working remotely. Since the beginning of the COVID-19 pandemic, it has proven useful to increase network capacity as well as the ability to move traffic. This way, IT can avoid what is known as a single point of failure. Having dedicated in-house security teams and/or working with a trusted vendor that is monitoring all cloud services around the clock helps to meet or even exceed a company’s data protection and security standards.

Whether from malware, phishing attacks, fake websites, spammers or scammers, the increase in flexible work during the pandemic has caused the number of cyber attacks to skyrocket in many industries. The remedy is the implementation of a unified yet simple technology with zero-trust security. Platforms that detect suspicious behaviour in user profiles, even when logging in remotely from a non-authorised device, prevent hacker access and add an extra layer of security to corporate IT. Authorised employees, meanwhile, benefit from user-friendly, simple login processes via single sign-on to quickly access data, programs, calls or virtual meetings, greatly reducing potential confusion and increasing flexibility in the remote working environment.

Image credit: ©stock.adobe.com/au/tippapatt