It goes without saying that employee demands have significantly shifted since the pandemic, resulting in many businesses introducing remote and hybrid working as part of their long-term working culture.
Traditional businesses that are calling their employees back to full-time office work are treading on thin ice. In fact, a recent survey from Slack found that of 1,000 employees, 16% expressed their reason to change job is due to full-time office working.
However, many businesses have realised the importance of providing this flexibility and consequently offer hybrid working as part of the job description to retain and attract better talent. Though working virtually does fulfil employee demands, it also puts businesses in a perilous position and vulnerable to cybercrime if not executed correctly.
Challenges of a remote workforce
The work-from-home model has led businesses to face more challenges in data security and user monitoring. According to recent research from the British Chambers of Commerce, one in 10 companies became victims of a cyber attack in the last year. This figure further goes to one in seven while talking about larger firms. In addition, more than half of UK organisations assert that increased work-from-home, accelerated by the pandemic, has left their IT systems more exposed to cyber attacks.
These attacks not only prove to be dangerous for the organisation but also compromise the sensitive information about their stakeholders that can increase their exposure to a cybercrime. It therefore becomes imperative to have appropriate cybersecurity measures in place to shield the business from criminal activity in cyberspace, such as phishing and ransomware. According to Forbes, ransomware cost businesses worldwide $20 billion in 2021 and is expected to rise to $265 billion by 2031. This not only indicates the upcoming rise in cybersecurity challenges for businesses, but also makes it necessary for businesses to plan their cybersecurity strategy.
Impact on data centres
Data centres are often the first space for enterprises that provide reliable and scalable access to sensitive information. Throughout the pandemic, customer demands have been changing rapidly. Increased virtualisation has led to the emergence of several IT solutions that are based on the effective use of infrastructure housed in data centres.
Due to the rise in the ‘digital’ there is now much more information stored in a data centre than ever before. Therefore, data centres have not only become vulnerable but also more valuable, so is the role of cybersecurity.
Cloud implementation: the panacea for cybersecurity issues
Cloud-based technologies such as virtual desktop infrastructure (VDI) and Desktop-as-a-Service (DaaS) enable businesses to implement critical cybersecurity measures that are difficult to penetrate including zero trust architecture (ZTA) and shielded logins. In a post-pandemic era where remote working has become the ‘new normal’, credential thefts are rife. However, cloud-based authentication services can add an additional layer of security by making backend systems perform the majority of the authentication process.
Zero trust approach is necessary
Hackers continue to find new ways to penetrate various security systems. Insider threats continue to be a serious concern due to trusted people taking leverage of their access for their malicious purposes. Organisations should look to upgrade their outdated security systems to advanced authentication-based systems that not only verify access throughout but also monitor user activity while tracking the duration, location, and time of logins.
The ZTA (Zero Trust Architecture) platform treats every user in an equal way with no trust, and creates the same criteria for login for each individual. It provides users with an isolated environment in order to minimise the risk of spying and misuse of the data. In this platform each access, irrespective of it being external or internal, is authenticated. Users are not only checked at the time of login but their activity is continuously monitored and trust status is questioned regularly. Any risk detected during the activity interrupts the granted access to the user. The application focuses on defined corporate assets instead of individual network segments.
Implementation of ZTA can not only reduce the threat surface, a sum of different points where hackers can try to extract data of the business, but at the same time can increase the control of the authentication while maximising visibility and user activity. The use of zero trust for access can also play a significant role in providing protection from external breaches. What’s more, organisations that implement a combination of ZTA to deliver resources from data centres will be able to complement the cybersecurity solutions employed at the data centres themselves.
Separation: the key to eliminate human-error
It has been observed in the past that most corporate data breaches are the result of employee error. According to an IBM Cyber Security Intelligence Index Report, human error was a major contributing factor in 95% of the data breaches. This is where separation comes into the picture and can aid a company to avoid risk of a data breach caused by human mistake.
Separating the hosting environment for users and businesses can play a key role in eliminating the risk of a breach caused by human error. By the virtue of cloud offerings, organisations can strengthen their bring-your-own-device (BYOD) models and each user can be allocated the access to some necessary data required by the user instead of the full access to the confidential data. By implementing this approach not only can companies avoid any risks of a data breach but gain more control over what is exposed to the employees based on their level in the organisation.
Keeping the fact in mind that more than half of 18 to 34 year olds do not want to work full time in office, it becomes explicit that remote working is here to stay. Businesses at this stage should avoid cutting back on investing in cybersecurity. Although the UK government is consulting on new measures to maximise the cybersecurity of the British organisations, it is imperative that businesses initiate their responsible role in protecting their cyber assets amidst this increase in teleworking.
With 2022 welcoming the growth of work-from-home and businesses making it a part of their perks, cloud computing is a one-stop shop solution for organisations to embrace hybrid working and deal with various security related issues for businesses in the post-pandemic world.