Cyber Security and Hybrid Working

Charlie Acfield from Totality Services gives us some advice on how to tackle the cybersecurity risks associated with hybrid working.

Cyber security image

 

The Financial Conduct Authority recently announced plans to evaluating those firms considering remote or hybrid working on a case-by-case basis, with firms required to prove that their employees remote working does not – or is not likely to – be detrimental to consumers, damage the integrity of the market, increase financial crime or cyber security risks or reduce the element of competition.

IT experts have drawn attention to the issue of cyber security as hybrid working becomes more commonplace. Those working remotely may not have the data and network protection that they have in the office and it is not easy for businesses IT support to deal with hardware and computer problems when workers are remote.

<Collectively, smaller businesses are subject to almost 10,000 cyber attacks per day, according the UK’s Federation of Small Businesses. One in five small firms say that they have suffered a cyber attack in the last two years. Even worse, the annual cost of these IT security attacks to the small business community is estimated to be around £4.5 billion.

Charlie Acfield, Technical IT Director at Totality Services explains: “When company systems were only used and accessed in the office, the risks were more straightforward to mitigate as more control was possible. With recent changes to more remote and flexible work practices, technology can help to protect the methods of data access as well as the endpoints themselves, whether they be personal devices (BYOD), company-owned, or mobiles.”

To help businesses to stay secure as they operate hybrid working models, Charlie highlights the most common cyber security risks that companies face, together with useful ideas of how to mitigate these: 

Remote company data access

Naturally, this is the most prominent risk from hybrid working as employees need to access company data remotely, whether in the Cloud or via remotely connecting back in to the main corporate network. When working remotely or logging into public networks, risks can increase and IT support teams can’t control the network and the associated security settings.

Personal/un-managed device usage

Staff area increasingly accessing corporate data from personal, un-managed devices, often on unknown and potentially insecure networks. All of these carry an extra risk as employees may not have taken sufficient, if any, security measures, such as keeping device software updated or using strong enough passwords and/or Multi-Factor Authentication. This means that the device and company data is at a higher risk of attack.

On-site business applications

Legacy line-of-business applications – which more often than not reside on on-premise company servers- can be particularly problematic. However, these can be complicated in order to provide efficient and secure access to those staff and devices operating remotely as well as in the office.

How can companies take to mitigate the risks?

A layered approach should be taken that builds up protection from the data source all of the way through to the endpoint, where possible:

  • Protect cloud platforms: Platforms in the Cloud, such as Microsoft 365 and Google Workspace, should be protected by company policies such as enforcing Multi-Factor Authentication (MFA) and encryption, as well as preventing data being downloaded to unknown/personal devices.
  • Device security measures: Any device being used to access company data needs to be protected beyond just the boundary of the corporate network, with services such as DNS protection or secure, always-on VPN back in to the office or data centre.
  • DNS protection can be installed on laptops, Macs and PCs and checks that the websites being accessed by employees are legitimate. DNS protection also ensures that any login credentials input into websites remain secure and private.
  • Migrate on-premise applications: On-premise applications can often be migrated to platforms in the Cloud such as Microsoft Azure Virtual Desktops. These can provide far greater security and flexibility than is possible on traditional corporate servers and networks.

Your Franchise Selection

Click the button below to register your interest with all the franchises in your selection

Request FREE Information Now

Your Franchise Selection

This franchise opportunity has been added to your franchise selection

image

title

Click the button below to register your interest with all the franchises in your selection

Request FREE Information Now


You may be interested in these similar franchises