Make remote work safe for employees and your organization
This is a guest blog by Stan Black, SVP – Chief Security and Information Officer at Citrix
Remote work is transforming both organizations and the lives of their employees.
When businesses empower people to be fully productive anywhere, at any time, they gain the agility and flexibility to stay at the forefront of fast-moving markets. Unchained from traditional work locations and hours, employees can achieve better work-life balance even as they become more engaged, effective, and inspired in their jobs. They also become more satisfied—which in turn helps strengthen retention and corporate culture for the business.
With benefits like these, it’s no wonder that this new way of working has caught on so quickly; 43 percent of employed Americans say they spent at least some time working remotely in 2017. I wouldn’t be surprised if this number rose dramatically across the globe in the coming years.
But it’s important to do it right. The new anywhere, any-time work experience can introduce a number of security challenges. Make sure your remote work strategy includes tools and practices to keep your systems and data safe wherever they’re used. Here are a few measures I’ve found particularly valuable.
Enable secure access to apps and data using any network, cloud, and on any device
In most cases, remote work takes your employees beyond the controls and protections of the corporate network. They may not even be aware of this change; people generally focus more on the task at hand than behind-the-scenes security mechanisms. And they may not be aware of the risks present in their new work setting, from non-secure public WiFi to the threat of drive-by attacks by a compromised website seeking to harvest their personal information. Not to mention the prospect of a lost or stolen laptop whose data ends up in the wrong hands.
There are a few things you can do about this. One is to deliver and store apps and data virtually, or in the cloud, rather than on the device itself. By keeping sensitive content off the laptop, you make its loss nothing more than a costly nuisance—not a potentially devastating security breach. Centralized storage also allows you to wipe clean a device that’s been infected with malware without losing any of the data its user depends on.
Whatever measures you take, it’s important not to burden your employees with cumbersome security procedures like network settings to configure or rules to memorize about what data and apps they can use in a given scenario. Instead, policies like these should be applied automatically in the background, based on the user’s current location, network, device, role, and so on. This contextual approach makes security transparent to the employee so they can stay focused on their work, while ensuring the right level of protection wherever and however they work.
Engage employees and they’ll keep themselves safe
Security is everyone’s business—after all, any employee can expose your organization to a breach. This makes education a critical element of secure remote work. Teach your workforce the principles of safe computing to help them avoid simple mistakes like clicking unsafe links, downloading suspect files, and responding to phishing attacks. Remind them to practice good password hygiene by choosing a different hard-to-guess password for each of their accounts. (Or better yet, provide a single sign-on mechanism across all their services so they can use a single, strong password rather than a lot of weaker, more easily remembered ones).
Then complement this foundation with information about specific emerging threats. When an event like WannaCry or Heartbleed occurs, we send an alert to all our employees telling them what’s happening, what to watch out for, and how they can protect themselves—as well as their families.
Recognize what’s normal
As hackers get better at disguising their methods, it can be hard to recognize an attack until it’s well underway. It’s best to assume that any deviation from normal behavior, however innocuous-seeming, is the first sign of an intrusion. Constant vigilance is crucial.
Artificial intelligence and machine learning are now vital allies in this effort, making it possible to spot abnormalities quickly wherever in your environment they arise. If you’re not already putting security analytics to work for your remote work strategy, you will be soon.
Less risk – more reward
Remote work isn’t just a trend; it’s a fundamental rethinking of the ways organizations empower their employees. A flexible work experience can make both people and businesses more productive, agile, and innovative. It also makes your company the kind of place top candidates want to work—a vital edge in our highly competitive talent market. By building security into your remote work strategy, you can ensure that this anywhere, any-network, any-device freedom doesn’t increase risk for your organization. It’s a better way to work for employees and businesses alike.
Read our blog post with Citrix to learn how to balance the generational differences in the workplace with the rise of Generation Z.
Visit the Fujitsu blog to find out more about protecting yourself from cyber-crime.