At the beginning of the pandemic I was asked by an organization to provide insights on staying secure while working remotely. Here are a few of my thoughts…
With remote work, it is equally essential to maintain both team productivity and culture. I am a big advocate of cloud-based collaboration tools, such as Microsoft Teams. These tools allow teams to find and share information quickly, and chat and video-conference at the touch of a button.
And, yes, they help teams share memes easily! Collaboration tools help recreate those informal watercooler interactions that build team cohesiveness.
Organizations that have invested in the cloud have increased accessibility, flexibility, and scalability, resulting in improved business continuity.
Accessibility – With cloud file shares, your team can access essential documents no matter where they happen to be sitting.
Flexibility – Cloud-based Virtual Desktop tools securely replicate the desktop experience from a web browser. By removing device dependencies, organizations ensure that their workforce has the flexibility to work anywhere from any computer.
Scalability – In the classic data center model, systems are designed to support a specific workload, such as the ability to stream videos to 100 simultaneous concurrent users. However, when streaming demand grows exponentially overnight, a company may run out of compute or network capacity causing systems to slow down to a crawl or even fail. One way to prevent failure is with a modern cloud model.
Commercial cloud providers subscribe to a “shared responsibility” model. They are responsible for security “of” the cloud, and you are responsible for security “in” the cloud. Thus, it is your responsibility to handle data appropriately, adhering to best practices for encryption and compliance (such as following HIPAA guidelines for healthcare data). You should also have a mindful Identity and Access Management (IAM) strategy to ensure only those with appropriate permissions can access your company’s applications and data.
It’s unfortunate that cyber crooks prey on people during these difficult times, but it’s a reality. While having a sound security approach to your cloud assets is very important, one of the most effective (and most straightforward) things you can do is educate your workforce. A small amount of prevention can provide an outsized level of protection.
Remind your employees to be extra vigilant against phishing attempts. When in doubt whether an email request is legit, advise them to pick up the phone and call the requestor to verify. It doesn’t cost any money to double-check information requests, and it could save you thousands of dollars (and headaches!)
Also, make sure your team understands what social engineering is and how cybercriminals may use it to obtain your company’s confidential data. With social distancing, people are craving personal interaction and may be more susceptible to social engineering malfeasance.