Jun 05, 2020

Can flexible working become the new normal?

remote working
video conferencing
Cybersecurity
Ben Bulpett
5 min
In order for enterprises to undergo a successful digital revolution, they need to start with security – and identity governance
In order for enterprises to undergo a successful digital revolution, they need to start with security – and identity governance...

Workers are being told to stay away from work for the immediate future as governments have put its ‘social distancing strategy’ into place to prevent the further spread of COVID-19. The coronavirus outbreak is impacting the normal patterns of working on a scale never seen before. Many companies are encouraging extensive home working and cancelling large gatherings at trade shows and conference halls.

Apple, Google and Amazon are the latest tech giants who have asked their staff to staff away from the office and work from home. For these companies, a change in working practices is relatively simple. They are well suited to technology to make home working possible. For others, the coronavirus crisis has been a wake-up call to update their practices.

This could lead to a permanent culture shift in the way we work. A global poll from 2018 by data and insights company Kantar found a third (32%) valued a job where they could work from home, even in normal circumstances.

More than 1.54 million people already work from home in the UK – a two-fold increase from ten years ago. The BBC found there has been a smaller increase in the number of people who work in different places but with their home as a base. That number has increased by around 200,000 in the 10 years between 2008 and 2018 to 2.66 million.

The official guidance, when ill, is to isolate yourself and work from home if necessary. In more normal circumstances, people can also work from an increasing number of public spaces, including coffee shops, libraries or co-location working hubs. Today, there are thousands of dedicated offices where co-workers can hire desks, rooms or conference centres by the hour. There has even been the rise of the so-called ‘pro-worker’ – those who run their permanent businesses from temporary and fluid accommodation spaces.

Securing a remote location

While self-isolating, driving efficiencies and improving employee work-life-balance, working from home, a coffee shop or a co-location (or pro-location) space is not anywhere near as cyber secure as being in an office. A lot more preparation is required to coordinate the activities of employees and ensure company systems are able to support a critical mass of staff working remotely at a moment’s notice.

Assuming that the Tokyo Olympics is not affected by the virus, more than 3,000 companies in Japan are planning to introduce telecommuting for their staff during the summer. It’s a bid to ease the pressure on the already overcrowded public transport network – testing its ability to withstand cyber-attacks at the same time. It’s based on the success of the London 2012 Olympics in London where 80% of companies employed some form of telecommuting in order to beat the additional traffic and congestion in the city.

These companies have been through a series of dry runs to see if the city systems, and the businesses themselves, can cope with the new workloads.

All this additional demand for remote working will place strains on the existing office and telecoms infrastructure. For the office environment, having hundreds, if not thousands of additional home workers will test a company’s server capability and its VPN bandwidth. It will also distract IT professionals’ time and attention away from looking out for potential cyber security threats. Do organisations have the internal capacity to match the organic – as well as issues-driven – home working demands for the next five to ten years?

More generally, for those workers at home, in cafes and co-working spaces, the question they need to ask is ‘how secure is the Wi-Fi connection that I’m working from?’ They are now reliant on a third-party service and who knows who is sitting on the next table or the opposite booth to snoop on their emails, giving malicious actors the proverbial keys to the enterprise kingdom?

The Identity Factor

The easiest point of entry to your organisation is your users – that includes employees, contractors, virtual workers, freelancers, bots and contingent staff. The hardened security perimeter no longer exists. We are now in a perimeterless world where anyone can access anything from anywhere.

It is forcing companies to take a ‘zero trust’ approach to the ever-expanding cyber-attack surface. This is the ideal time to turn to ‘identity’ as a solution, especially when combined with the power of Artificial Intelligence (AI) and Machine Learning (ML) tools.

Access should now be based on securing enterprise systems at the core and providing privileged access rights to only the most secure personnel. AI and ML tools can spot patterns, based on previous usage history, to alert to suspicious behaviours. The latest identity solutions can provide geolocation alerts if a user sends an email from Brazil, yet is supposed to be in Basingstoke, for instance. Or recognise abnormal access or download activities that aren’t typical for the role or individual in question.

But in order for enterprises to undergo a successful digital revolution, they need to start with security – and identity governance. Once that foundation is in place, and they are able to see everything, govern everything and empower everyone in their organisation, then they can focus on more fundamental business changes that needs to happen.

It is time organisations started using the right tools for the job. Safeguarding IT and cybersecurity professionals from sleepless nights is the key objective of any security operation. Enabling identity solutions at source means they can sleep easy, even if the hackers never do…
 

By Ben Bulpett, EMEA Director at SailPoint 

Share article