Many organizations have recently been forced to send their employees home to work, but few were fully prepared to move all their employees to remote work. During the past few months, many companies have been in contact with us with various questions and requests about remote security.
In our conversations with them, we’ve seen that some were prepared for this situation from a cybersecurity standpoint, but many others struggled with the sudden transition. We noticed four key challenges in particular:
For the majority of organizations, enabling remote work for large numbers of employees simultaneously is new. Fewer than 20 percent of companies telecommuted before the coronavirus pandemic. Of those, most had just a handful of remote workers who telecommuted, and then only as needed.
With unprecedented numbers of employees now working remotely, many organizations are experiencing an increase in cyberattacks, especially phishing or other social-engineering efforts. Protecting against cyberattacks has become an even more daunting task for organizations, as a remote workforce means having multiple workers sign on to their network via potentially unsecured home Wi-Fi connections.
Companies are discovering that it is much more difficult to secure a network and its endpoints when employees are spread throughout multiple locations than it is to secure an office where everyone is working in one place.
For one thing, many organizations are experiencing pressure on IT resources as they move to enable remote work strategies. With large numbers of employees working outside the normal perimeter, managing device sprawl, updating, patching, and securing hundreds of thousands of endpoints have become much bigger challenges for IT departments.
Companies are also discovering that a majority of their employees are unaware of the additional new risks that come with working remotely. Most expect to work from home the same way they worked while in the office, not realizing the need to practice strict password protocol or the risks of failing to access their organization’s network via VPN– as just two examples.
IT departments have had to quickly create clear remote-work guidelines so that employees can understand what precautions they must take when working from home. Creating these guidelines, training employees, and ensuring they are complying with the guidelines, are time-consuming and not easy to implement when the workforce is remote.
A third challenge organizations are facing is on a more practical level, and not necessarily directly related to cybersecurity: ensuring employees have the right tools to work remotely.
The final challenge faced by organizations with large numbers of remote-work employees is the pressing need to create remote work guidelines to guarantee business continuity.
Creating remote work guidelines in itself is a major task that many organizations are facing for the first time.
While the recent experiences of remote work have been stressful for both companies and for their employees, it has forced organizations to work out ways to remain functional. Among the companies in contact with us, we’ve noticed a clear distinction in approaches: either 1) “let’s just do what we have to do in order to deal with the present situation”, or 2) “let’s put in place systems and guidelines that will benefit the organization’s productivity beyond the present situation”.
Organizations taking the latter approach aren’t necessarily planning to have all their employees work remotely forever. But, they have decided that for the long-term, putting systems in place to allow mass numbers of employees to work remotely can enhance their competitiveness. These companies believe the end results can be positive, and twofold:
In the long run, companies that embrace the challenges of remote work, and learn how to function in this type of situation, will come out stronger than ever.
To learn more about how to set up a strong security practice, check out our white paper, Five Clear Steps to Enhance SecOps with MITRE ATT&CK.
“Cybereason XDR delivers deep contextual correlations without the need to craft complex syntax queries, which is just one of the many reasons we are seeing rapid adoption of our platform...”
Tim Weis, who was recently promoted to Senior Talent Acquisition Partner, supports hiring for some of our US-based teams and helps each of them scale and grow. Learn more about Tim and why he says this is an exciting time to join Cybereason...
