NC1801
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
OPINION<br />
HOME WORKING: THE SECURITY RISK<br />
DOMENICO CRAPANZANO WHO IS CEO AT FING, THE MAKER OF<br />
FINGBOX, REFLECTS ON THE CYBER RISK OF HOME WORKING<br />
AND EMPLOYEE OWNED DEVICES. DOES THIS FREEDOM COME<br />
WITH A COST?<br />
Where we work is no longer<br />
restricted to the office, thanks to<br />
improvements in Internet access,<br />
remote access solutions and the<br />
increasing affordability of smart devices.<br />
We now have the tools to work effectively<br />
on the move - but this means that the IT<br />
team has limited control.<br />
Technology developments combine with<br />
the cultural desire for flexible working<br />
and drive this progressive freedom from<br />
our desks. In turn, organisations have<br />
saved on building costs, can engage with<br />
talent from across the globe and offer a<br />
more inclusive employment structure. But<br />
does this new-found freedom come with a<br />
cybersecurity cost?<br />
THE SECURITY THREAT<br />
Cybercrime is rising rapidly and<br />
businesses are feeling the heat. It is<br />
estimated that by 2021, the global cost<br />
of cybercrime will be $6 trillion.<br />
Cybersecurity is finally being taken<br />
seriously and most businesses hire inhouse<br />
professionals or outsource their<br />
security to specialist companies. However,<br />
cybersecurity has been blown wide open<br />
by the remote worker.<br />
THE NEW CHALLENGE<br />
Historically, the IT framework was simple<br />
with all the devices connecting with<br />
company assets belonging to the<br />
business, wired into one location.<br />
Although still hackable, there was at least<br />
visibility and some control over device<br />
protection and the provision of network<br />
security measures.<br />
The fact that we can now work away<br />
from our desks without question has<br />
become an organisation's greatest<br />
security weakness. IT professionals have<br />
almost no visibility of the security of<br />
employees' personal or companyprovided<br />
devices outside of the office.<br />
They also have no control over the<br />
external networks these devices connect<br />
to, or even the physical security of the<br />
devices against theft.<br />
To make matters worse, the adoption of<br />
cloud services by organisations has put<br />
both the access and security of businesscritical<br />
information at increased risk. The<br />
amount of security holes opened up in<br />
the network is astronomical, and should<br />
just one employee's personal device be<br />
compromised, the entire network is at<br />
risk. As a result the challenge is to find<br />
ways to secure assets against external<br />
threats without restricting remote working<br />
or invading employee privacy.<br />
SECURE REMOTE WORKING<br />
Unfortunately this is a problem that is yet<br />
to find a definitive solution. However,<br />
there are a few steps that organisations<br />
can take to create a more secure IT<br />
framework and mitigate risk.<br />
A good place to start is to provide a<br />
guest network that both employees and<br />
guests can use to connect their personal<br />
devices, thus keeping them off the main<br />
business network. And although it may<br />
not be fashionable, providing employees<br />
with the devices they need for their<br />
remote work is an insignificant cost when<br />
compared to a cybersecurity breach. This<br />
will also provide control over the security<br />
and setup of the devices, which will also<br />
help the support team.<br />
It is a largely unchallenged assertion<br />
that providing regular cybersecurity<br />
training helps to prevent attacks.<br />
Employees can provide an excellent first<br />
line of defence for common attack<br />
vectors, including phishing and<br />
untrustworthy sites. Also consider<br />
providing a security appliance for<br />
employee's home networks. It could be a<br />
very smart investment and will protect<br />
their networks from attack and such<br />
devices are now very affordable.<br />
One way or another, cyber defence and<br />
risk both come back to money, so don't<br />
be afraid to spend some on good people<br />
and effective security measures. Hackers<br />
love it when you cut corners! Survival<br />
post attack is expensive, so carefully<br />
consider insuring your specific risks. With<br />
cyber threats always evolving, protect<br />
your assets in the event of an attack, both<br />
financially and with tested backups.<br />
The good news is that whilst hackers get<br />
smarter so too does the cybersecurity<br />
industry - so don't let your organisation<br />
fall behind. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards JANUARY/FEBRUARY 2018 NETWORKcomputing 33