The “new normal” is beginning to emerge and remote working is here to stay. Already it’s been reported that 41% of employees will prefer to continue working remotely. And for those companies who have broken the mould to create long-term flexibility, the outlay in resources for equipment and infrastructure changes, it is hoped that they will see a significant rise in employee engagement.
At the beginning of the year, for those in the financial and professional services, most firms only had a small percentage of their staff with access to remote working. This is especially true for financial institutions who minimised the number of employees working from home to reduce potential security risks.
However, now with the majority of firms still needing to work remotely or with a phased return approach, the exposure to cyberthreats has and continues to increase significantly.
Where are the cybersecurity gaps appearing?
It should be noted that blame cannot be directed at any one area of your business over another. Yes, the rise in home-working has opened up the chance for attacks, but also the nature of lockdown on the whole has given rise to increased threats.
Confidentiality protocols are being challenged: information may be shared in less secure ways outside of the office i.e. over email services that have not been encrypted or indeed via video conferencing. There have been well documented security and privacy flaws discovered on popular applications – Zoom, for example – over the past few months, where action needed to be taken with the surge of user activity.
Alongside being more vulnerable, home networks are often shared by other family members, and controlling content beyond your employees’ scope could be more difficult to secure. Add into this, if employees were missing necessary software or hardware when the lockdown began, your IT teams may have had to loosen VPN controls in the short-term to enable your firm to continue working.
The consumption of online media – be that for work or socially, has also expanded beyond the norm. This means that the opportunity for potential threats has too: from phishing to ransomware and beyond. Your teams may still be susceptible to attacks; we are all distracted by the significant changes we’ve faced and the continued concerns for the future.
Additionally, there is also a reported increase in phishing attacks that could be sent in your firm’s name – this has been a particular issue for banks where emails are received by the general public that look like they are from their bank, playing into the fears around financial uncertainty, which are actually a lure to gather account information and validation data, or contain malware which is released when links are clicked.
How can the gaps be closed?
Reset the rules. It sounds simple, but employees and businesses alike have taken a hiatus during the pandemic. We haven’t had the structures and regulations in place as before, having been taken out of the environments we know with an abrupt stop in everyday life which was necessary for our health and wellbeing.
Now is the time to reboot. Setting up the rules for users may need a kickstart, but monitoring your teams has never been more important. Remember, the old ways have gone – employees no longer work set hours, they may be using their own devices, so applying the protocols of the past is unlikely to work now.
It may be that your operations and infrastructure need to take on a new position. Although most financial and professional firms operate within private cloud environments currently, moving to the public cloud with the right protocols, for example, could ensure that patch management and security rollouts can be run more easily remotely.
Education plays a big part in what will be the new normal – the changes that have been made so drastically already were in response to a completely unknown situation. However, that bravery and boldness should be celebrated and continued in the future. Your teams and clients alike will want to know “what next?” but they will also be asking “why?” and “how?” With education, comes new knowledge that will ensure a more secure future for your firm.
At Allied Worldwide, we’ve seen how the changes have affected our clients and provided as much flexibility as possible to ensure their needs are continually met. Our highly skilled and pre-vetted support personnel have stayed focused on their assigned clients, moving from onsite environments to providing remote support where needed. By using localised remote teams, our clients continue to be supported by the dependable familiar team that they trust, and the knowledge and partnership that has already been built, is kept secure.
No matter how you are facing the current changes, Allied Worldwide has over 25 years’ experience of helping customers harness IT infrastructure globally to stay secure and achieve their goals. For more information please get in touch, we’re always happy to help.