FINAL WORD
Nearly half of UK businesses believe
their cybersecurity policies are unfit for a
permanent remote working model.
People and policy – a twopronged
approach
Organisations must ensure that they have
sufficient security protocols and systems
in place to support a permanent move
to remote working in some capacity. To
do this, they must adopt a two-pronged
approach. Whilst it’s important to have the
right software and systems, organisations
must focus on the people aspect of security.
Employees are the first line of defence to all
cyberattacks and it is a permanent process
to keep employees engaged in the risks and
ways to avoid attack.
1. End-to-end encryption and two
factor authentication
It’s time to say goodbye to traditional
PBX office phone systems and embrace
communication technology with enterpriseclass
security which keeps employees and
data safe whilst working remotely. Cisco
Webex Calling, for example, is an appdriven,
enterprise level alternative with a
robust security architecture which includes
true end-to-end encryption and two factor
authentication (2FA). 2FA is fast becoming
essential protection to help prevent
malicious logins due to stolen credentials.
However, while it has been more widely
adopted it’s still underused.
Using communication platforms with
these enterprise-class security features
reduces the risk of hacking and attendees
gaining access to meetings and calls that
include sensitive information that they
shouldn’t be a part of.
2. Employee cybersecurity education
The cybersecurity landscape is constantly
evolving and even the most robust
communication platforms and security
policies can be undermined by employees
who lack an understanding of cybersecurity
risks and prevention measures. It is
essential that organisations provide
up-to-date, comprehensive and
continuous cybersecurity training for
all employees, from the intern up to the
CEO. At the end of the day, a company’s
cybersecurity posture is only as strong as
its employees’ understanding.
Remote working opens up a particular
set of cybersecurity risks, since many
employees will be working from unsecured
personal devices and across Wi-Fi networks,
which are used for both personal and
business operations. Organisations need to
implement robust policies for using their
own devices and accessing the company
network from a home connection.
In addition to this, with the evolution
of IOT and the rapid adoption of smart
home and wearable technology, such as
smart watches with running and cycling
apps, we are sharing extremely personal
information through a connected network
daily. Whilst working from home, more and
more employees are using these IoT fitness
devices during their lunch breaks, sharing
data across social media.
Employees need to be made aware
of the risks that seemingly harmless
accessories, such as a fitness tracker, can
pose to company data and networks. IoT
devices, which often have much weaker
security controls than other devices, are the
perfect way in.
The future has come early
Designing and implementing new
security protocols and systems
requires a necessary time and
financial investment. Rather than
seeing this as a burden, organisations
should see this as a positive
opportunity to propel their workplace
into the future. Remote working was
always going to become an important
part of the modern-day workplace, the
opportunity has just arisen earlier than
expected. Likewise, maybe this is the
nudge businesses needed to get rid of
outdated and costly legacy office phone
systems and implement a more secure
communications strategy to protect
their data and employees. •
66