Secure Access: Business Confidential

This story is sponsored

The global move to the blended, digital workforce introduces concerns around security, access and business confidentiality, writes Tony Walt, Managing Executive for Security at Dimension Data

The global pandemic has almost completely changed traditional working models and approaches. Even those organisations resistant to cloud, digital and remote working have had to flex and adapt to the requirements of social and legal distancing regulations. The new workforce emerging from the rubble of the year wants the freedom to leverage both digital and physical environments to get the job done. Approaches have changed, methodologies have shifted, and statistics point to the rise of the blended workplace where people work from a mix of remote and office spaces. As companies and employees evolve and adapt to the new world of work, there is a critical need to embed security into this evolution from the outset.

The introduction of remote working, be it from home or any location that’s not the office, has also introduced vulnerabilities. Are all employees using devices issued by their organisations with the relevant controls, or are some using their own devices because pandemic restrictions limited their access? Who has access to these devices? The security risk isn’t just that family members could accidentally introduce malware or download unsafe content, but that patch and vulnerability management isn’t being implemented correctly. Whether a device is company-owned or part of a bring your own device (BYOD) strategy, organisations still need to ensure that policies around patches, security and access are rigorously maintained.

The problem in the pandemic is that IT departments were thrust into remote working conditions as rapidly as everyone else. Patch management, security, access, remote management — these concerns had to be addressed remotely, often while adapting to new systems and solutions cobbled together at the last minute. Juggling remote employees learning how to work from kitchens and bar stools while keeping the company lights on and ensuring systems were capable of handling the stress meant that IT teams have been under immense pressure to keep the business running.


But the time to embed security is now. The attack surface has increased significantly, spreading outwards alongside a distributed workforce that could be easily contained in the past. A thousand people suddenly working from 1 000 locations instead of the one that they had before: this alone captures the magnitude of the change with regards to traffic flows.

Threat hunters have been taking advantage of the chaos: phishing attacks have increased; malware is on the rise and ransomware continues to plague even the most sophisticated systems. People are lured into clicking links that have been designed to prey on the fear factor, using terms such as Covid-19 and vaccination. And because they are external to the office, people are more vulnerable and susceptible than in the past.

Addressing these risks to ensure secure access starts with a security awareness training programme for all employees. This will provide them with insight into the types of attack that would be aimed at them, how to identify attacks, and understanding around the risks. It will ensure that the standards and basic controls around email hygiene and online behaviour are clearly understood, and that passwords are to the right levels for remote access and information sharing.  It’s also worth implementing additional controls at the infrastructure level that ensure firewalls and access, among other factors, are absolutely secure. These can be further enhanced by undertaking a cybersecurity assessment designed to identify vulnerabilities and evaluate the controls that are in place.  In addition, threat monitoring and management has to become a priority. Often, issues aren’t caught and compromises missed due to the complexities introduced by the virtual workplace. Organisations need the insights provided by threat analysis so that they can make the right security decisions.

The problem is time and skills. Few organisations have the capacity, tools or experience to monitor secure access 24/7 with the right levels of control.  Yet they have to constantly monitor for threats and compromise to ensure that they mitigate risk for governance and compliance. This can be resolved by working with a partner that can take care of the three Ps — platform, people and process. A security management partner can not only take care of security systems across email, scanning, behaviour and risk, but can support an organisation’s security in terms of governance and compliance. With the right partner, the business can look at the broader picture while the security partner ensures that cybersecurity is never neglected, always on, and capable of mitigating the most significant threats.

The world of work will likely remain in flux for the foreseeable future as organisations adapt to ongoing uncertainty. This means that security will have to constantly change and adapt to match. It’s a challenge, but one that can be mitigated with the right partner and posture. 

For more information, visit https://www.dimensiondata.com/

About Mail & Guardian Sponsored Stories

The Mail & Guardian’s sponsored stories are produced in association with paying partners. We work closely with our partners to ensure all stories meet our standards of editorial quality, and offer information of value to readers.

If you would like to speak to our team, please contact us at this email address.

Related stories

Advertising

Today's top stories

Pay-TV inquiry probes the Multichoice monopoly

Africa’s largest subscription television operator says it is under threat amid the emerging popularity of global platforms like Netflix and Amazon Prime

​No apology or comfort as another Marikana mother dies without...

Nomawethu Ma’Bhengu Sompeta, whose funeral will be held this weekend, was unequivocal in calling out the government for its response to the Marikana massacre

Children may benefit when parents share their digital gaming...

Digital games can provide forums for diverse groups of people to come together, which is especially important while our physical activities are restricted

‘No one took us seriously’: Black cops warned about racist...

Allegations of racism against the Capitol Police are nothing new: Over 250 Black cops have sued the department since 2001. Some of those former officers now say it’s no surprise white nationalists were able to storm the building

Zuma won’t appear before Zondo commission on Monday, say his...

Last year the commission asked the Constitutional Court to force the former president to appear. Although ruling has not been made, the summons remains valid, but Zuma’s lawyers say they won’t honour it
Advertising

press releases

Loading latest Press Releases…