Especially towards the beginning of the corona crisis, many organisations experienced security breaches because they were not properly equipped for a hybrid work environment. A study by IBM shows that between August 2019 and August 2020, there were more than 500 cyber-security breaches. On average, each breach cost $3.86 million and took nearly 300 days to identify and deal with*. Even now, more than a year later, many organisations have not sufficiently adapted their IT environments to facilitate secure hybrid working.
Tip 1: Educate your employees on security
Your company’s employees play a crucial role in securing your corporate data. But are they aware of it? An IBM report has demonstrated that approximately 95% of IT security breaches are the result of human error, proving the importance of educating your staff about security.
But where to start? Make sure employees are aware of current cyber threats, such as phishing. You can do this through security awareness simulations, workshops and courses, among other measures.
Zero Trust Network Access
In addition to properly trained employees, you also need IT solutions that will help you secure your company’s data. Equip home workers with Zero Trust Network Access (ZTNA).
ZTNA is like an advanced VPN, ensuring a secure connection to the company network from wherever you are. By default, home networks are not encrypted, and changing that is an essential step if you want to really protect your corporate data. ZTNA is based on the principle that nothing and nobody can be trusted. Each time you try to log in, you have to pass multi-factor authentication (MFA), regardless of your location or device, meaning that you’ll need to provide a password plus an additional method of identification. This is usually a code sent to your mobile device by text message or an app.
ZTNA ensures that only authorised users have access to specific applications and, unlike with a VPN, users do not have access to the corporate network. VPN effectively trusts everyone on the network, meaning that as soon as someone gains access to the corporate network, they have instant access to all data. A zero-trust network allows you to set up location and device-specific access control policies to counter this.
Stop shadow IT
Using hardware or software that is not approved by the IT department can result in data breaches, e.g. through private laptops being connected to the company network or user’s personal applications like Google Docs. This is called Shadow IT.
Shadow IT mainly arises because employees take issue with the limitations of the corporate IT infrastructure. Dissatisfied employees fall back on their own user-friendly resources and some 80% of employees admit to using non-IT-approved SaaS solutions on their workstation**. There is no one-size-fits-all solution to this.
But you can ask yourself whether you are providing your employees with optimal working conditions. Striving for employee satisfaction will discourage high staff turnover rates and providing the right tools for the job will discourage anyone from coming up with their own solutions.
Use zero touch deployment
Do you want to be more in control of data security in your company? Then start using zero touch deployment. This has many security benefits including taking away the potential for human error. You can configure devices in advance, for example, carefully consider security and network settings, and enforce new passwords. If something does go wrong, a device can be remotely locked and removed. Zero touch deployment is used, for example, in Device as a Service solutions where you pay a fixed amount per workstation, per month for hardware and services. With zero touch deployment, devices are delivered to end users preconfigured and ready to be used. Read more about zero touch deployment here.
The security risks of hybrid working can be easily managed when you have a sound IT foundation in place, with a range of options for ensuring the security of your sensitive business data. Want to find out which solutions are best suited to your organisation? Feel free to contact one of our specialists.