Securing the Hybrid Workplace: looking at the key services businesses need for a flexible future
Chris Barr, Technical Director at CT looks at why the emerging Hybrid Workplace needs the right technology foundations to prosper and stay secure.
As Covid-19 continues and elements of daily life remain in flux, companies are looking to plan for the future. The prospect of returning to the office will feel challenging to many as they would like to continue working from home for reasons including health concerns, childcare and work-life balance, whereas others are keen to get back to the office to be amongst colleagues for a shared work experience and all the social and learning benefits that this brings.
With this in mind many businesses are looking to adopt a long-term hybrid workplace model to ensure a flexible future for the business and its employees. We are all familiar now that remote work brings additional cybersecurity challenges as employees log on through their home networks or with personal devices where the organisation has no control over security measures and the protection of their data.
It is imperative that the right technology is in place to future proof hybrid business operations and facilitate staff working in a flexible manner that doesn’t compromise security. Every business has different requirements, but we commonly recommend the following three services and three additional security measures that are simple to implement.
Virtual Desktop Infrastructure
VDI is a solution favoured by organisations that handle very sensitive data such as those in the legal and healthcare sectors. By allocating a ‘virtual desktop’ to users, all the processing of data is completed securely inside the organisation’s infrastructure removing the need for data to be processed on the users local device.
Microsoft SharePoint is a cloud-based service that helps organisations share and manage content, knowledge, and applications wherever they are. SharePoint Online has become the most commonly used document management system used worldwide. As organisations migrate services such as e-mail to cloud based services, we are seeing that the traditional network shares are becoming the last remaining on-site service, by utilising SharePoint we have enabled many customers to make the jump to a fully cloud based solution.
Virtual Private Networking
The use of VPNs is a great way to provide an extension of your organisation’s network to mobile devices, this can then be used to ensure that internet traffic from mobile devices is routed through a centralised security gateway to provide the same level of secure internet access for users as when they work in the office.
Key additional security measures
E-mail, file sharing applications such as OneDrive, methods of remote access such as VPN – all of these allow access to your organisations data and are usually just secured by a single password. Microsoft carried out a study last year and found that 99.9% of breaches could have been averted simply by enabling MultiFactor Authentication - a security mechanism that requires an individual to provide two or more credentials in order to authenticate their identity
Bring Your Own Device Policy
All organisations should have a BYOD policy. This could be to ensure staff only use devices issued by the organisation or that when they use their own device it is appropriately secured. If a member of staff used their own mobile device to send and receive e-mails, a copy of the user’s mailbox is stored on their device. If that device was stolen, what would happen to the data? When the user backs up their mobile device, where does your organisation’s data get copied to? Mobile Device Management solutions can enforce policies to ensure your organisation’s data is protected.
Internet Access Policy
All organisations should have an Internet Access Policy and provide secure internet access to their staff. Most organisations enforce policies on the types of content that staff can access however secured internet access also provides an additional level of protection for staff from avertedly downloading and installing malicious content on their device.