Now that we’ve rapidly deployed the technology needed to enable a remote workforce... what about security? Organizations have to keep growing their maturity around this, says Insight National Director of Network and Cloud Security Jason Rader in a new Defrag This podcast. Here is the write-up from Greg Mooney at Defrag This and a link to listen.
Most of us are working from home if we aren't an essential worker. Some of us embrace the work from home culture, while others dread it. But there is a lot of IT can do to minimize issues and distractions from a WFH culture.
When employees are working remotely, there is a myriad of security issues that can come up. This can be due to Shadow IT or hacked personal devices. Then there is the issue of bandwidth consumption during video calls. If the apps and services aren't working for your users, that can lead to unnecessary frustration as well as Shadow IT. Ultimately, this can cause issues with business continuity.
I had a chance to speak with Jason Rader, National Director of Network and Cloud Security at Insight Enterprises. We got his perspective on some of the challenges IT teams are facing during the pandemic, such as Shadow IT and data security issues.
The New Stresses of a Remote Workforce
The first thing that Jason discussed was the primary stress that was inflicting IT teams since the pandemic started. What Jason has found was that the rapid adoption of everyone working from home was causing unexpected issues with maintaining business continuity. IT teams who had a disaster recovery plan in place seem to have weathered this storm more so than others who hadn't been as prepared for this type of crisis.
At this point, many IT teams have adjusted, but there is still a lot to learn. Jason explains that now we are in the new normal and that going back to how things were are more and more unlikely as it pertains to a remote workforce. Security is a significant factor in how we monitor and secure business networks moving forward.
"The new normal is how we are going to have to adapt," says Jason. "And I think that from a security perspective is huge because we had everything dialed in beforehand. We just enabled a bunch of people. Our perimeters changed significantly. We have a lot of employees sitting at home with personal devices or mobile devices, and we may crossing over a bridge we never crossed before."
Multifactor Authentication (MFA) Is Business Critical
We then discussed some ways we can secure our increasingly large perimeter defenses. MFA has been probably the best way to authenticate users properly as opposed to just using a password.
"MFA is a big deal! It may be slightly annoying, but the company I came from was the defacto MFA standard if you will," explains Jason. "And a lot of folks, that user acceptance aspect of using a FOB or a token to log in, you know we're lightyears ahead of where we used to be. Now we authenticators on our phones, and we've got capabilities that are relatively easy."
Dealing with Shadow IT
Lastly, we discussed the issues surrounding Shadow IT. Jason agreed that having toolkits or repositories of apps that end users can tap into is a great way to ensure IT knows what employees are using while allowing them to get their job effectively. Instead of forcing users to use certain software, whether this is due to licensing or security issues, IT can work with end-users. IT needs to understand better what employees need, and employees should even go as far as suggesting to IT the types of apps and services they should be using.
Whether it's implementing next-generation firewalls or providing users with the hardware and software that work ergonomically for them, IT will be the focal point for business continuity moving forward. Many IT teams have already dealt with the aftermath of having employees work from home, but now is time to focus on the security implications of the crises. This could be more vigorous security training for employees or merely ensuring that users are working closely with IT every step of the way.