Personal Devices Connected To Work-related Resources, Have You Invested In Securing Remote-Working?

Given the current situation of the continued existence of the pandemic. Millions of employees continue to work from home to fulfill their work obligations and also to protect themselves from exposure. Having in mind that employees connect to work-related resources and share files across networks. It is paramount to mind the productivity and security of the platforms they use to connect to work-related resources. It is also important to mind the safety of the channels of communication staff use as they adapt to Remote-working.

The new hybrid workforce is here which is a blended model where employees work both remotely and on company premises.

The Scope

In the old days, providing protection towards the IT infrastructure was done in two ways. That is physical security and logical security were implemented. But these measures have been challenged by the emergence of the new normal both remotely and at places of work. There is a noticeable laxity in the security measures provided for remote working environments. This is not the case for physical security at the organization.

Taking us back to when the pandemic first hit. Organizations were taken by surprise. Everyone was caught unaware and some firms took many days without resuming work. Only a few that had earlier adopted online solutions like financial institutions, manufacturing, and a few firms, were able to continue normal operations but remotely. Even those that had employees working remotely tasked their IT departments to quickly get their staff the basic IT equipment that they needed to work from home at that time. This was planned to take place for a short time till lockdown would be lifted and normal work resumed at company premises.

Now as we progress with the still existing crisis, IT departments are further tasked to come up with an approach that covers a permanent secure remote working connectivity to work-related resources

Are organizations able to provide adequate security models to the new hybrid workforce?

According to the Cybersecurity Insiders report which points out a rapid adoption of unmanaged personal devices (BYOD) during remote working. Employees connect to work-related resources which increases the risk of uncontrolled access to intellectual property. This is in regard to the growing security threats such as malware and data theft.

Credit: Internet photo

While employees put into use their mobile handsets and other tech devices to accomplish their obligations, they contribute to the growth and expansion of remote working environments. This as well contributes to the challenges that IT departments face aligned to managing what resources these devices access.

As it is put in the summit Project Frontline of 2020, remote working and BYOD utilization has been experienced. The remote working was seen as a success where employee productivity and ease were seen to have hyped. However, this rapidly expanded the attacker surface to cybercriminals since there increased endpoint devices that are connected to work-related resources.

Top concerns going forward;

Remote working has contributed greatly to the increased use of mobile handsets and or personal devices to perform work-related tasks. This has triggered an alert to organizations to implement BYOD policies in their governance for compliance with information security standards. And going forward it has been proven beyond doubt that BYOD is here to stay.

Even with realized advantages that utilization of BYOD has brought to organizations, among which include productivity and reduced costs. There are unavoidable challenges associated with managing these devices that handle and process company data. Some of the challenges that fall are as follows;

  1. Security Risks; BYOD security is a much more serious issue where employees keep the company’s sensitive information together with their personal data. These devices are not limited to connect to any network after all they are not being controlled by the organization’s policies and measures. Having in mind that humankind has always been the weakest link in security, trusting your employees to handle sensitive data on their devices can be extremely risky. In the instance where there are no protective measures on BYOD devices, malicious people can easily use a compromised phone, tablet, laptop to gain access to your organization’s network.
  2. No control over BYOD; In the instance of the pandemic where staff uses their devices, is a clear sign that the IT department has no control over them. The IT team can not know which apps are used to process company data or whether the applications have no malware embedded. The devices are not aligned to the company’s group policy and so there the IT can not know how often the devices are upgraded or application vulnerabilities patched. There is no clear proof of what security measures are implemented on personal devices.
  3. Prone for malware; Oftentimes, businesses with full-fledged IT departments have failed to be fully protected from cyber-risks and fully patched from all vulnerabilities. But it’s even more difficult to have personal devices fully protected. Since the security measures for BYODs are not as strict, they are more prone and susceptible to malware attacks.

Conclusion

These and more challenges attached to BYOD must be taken into consideration. It is noticed that it may be hard to phase out BYODs in business enterprises going forward. Especially when organizations have realized how productive employees are when they put BYOD in use. This is also to bring to realization the fact that organizations need young talent. They need technology enthusiasts that use the latest technology to be productive amid the times when organizations care about cost-saving.

 

Ifis Updates

Subscribe to our newsletter

You will be able to get all our weekly updates through the email you submit.

Newsletter

Subscribe to Newletter

Subscribe to our newsletter and stay updated with the latest in cybersecurity and digital forensics.