CEO Blog Series: Our People are the Secret to the Success of Cybereason
Cybereason CEO Lior Div honors Employee Appreciation Day and reflects on the core values of Cybereason and why it's important to appreciate employees 365 days a year.
COVID-19, the disease caused by the SARS-CoV-2 virus (often called the coronavirus) is officially a global pandemic with over 374,000 confirmed cases worldwide. Countries globally have transitioned from containment to mitigation. Currently, the best plans laid out by world leaders focus extensively on limiting contact between people in an attempt to slow down the spread and somewhat control the stress on the healthcare system. Italy, for example, has now put the entire nation under effective lockdown.
While such drastic measures are clearly justified in order to save human lives, it puts unparalleled pressure on businesses. With more and more employees encouraged to isolate and stay in their homes, a big question on every CEO’s mind is how to ensure her business is able to continue to function when all employees are remote. As employees require both resources and communication with peers, partners and customers in order to create value for their firms, trusted communication and remote access become critical to every organization's continued operation.
Companies looking to transition quickly from office-bound work to distributed remote work need to consider several key issues:
Let’s address these issues one by one.
For many workers, productivity depends on two key tenants: the ability to communicate effectively with peers, partners and customers, and the ability to access important resources and systems.
On the communications side, we’ve seen incredible progress over the last few years in technologies for teleconferencing. Zoom, Cisco, Google and Microsoft offer very cost-effective, cloud-driven tools that drive effective communications with multi-party meetings, a constant video feed, a shared screen and even a shared white-board.
In addition to effective communication, employees need access to resources like computer systems, files and data. Some organizations, especially those that are more established, may have systems on premise, whether it be payroll, production, or back office systems that need to be accessed on a day-to-day basis. To address this, organizations use Virtual Private Networks (VPNs), established technology that allows a business to temporarily extend their network to employee computers, laptops and phones, even when they are not present on site. This is a very effective tool for remote work, however, most companies have not planned for a scenario where a large portion of the work force attempts to connect to the VPN to access many internal systems at once.
For most businesses that allow remote work under normal conditions, only a small portion of the employee base will be working remotely at one time - say 5%. When an incident that forces social distancing occurs (like COVID-19), in a matter of days, 100% of the workforce must transition to remote work.
This new reality requires careful analysis of capacity and prioritization of workloads: how much bandwidth will be available to each employee, what will access control look like, etc. It’s important to bear in mind that not all functions are equal when it comes to service assurance.
This includes functions like IT: being able to consistently and effectively support the entire remote team is priority #1. Building in failsafes that can help diagnose what’s going wrong is crucial. As an example, it can be a good idea to have a secondary dedicated VPN for IT personnel to support, should primary channels fail. Enable IT to log in remotely and identify how things have gone wrong, so the entire team isn’t left stranded.
Many organizations are testing their capabilities right now, and I encourage the readers of this article first and foremost to analyze their load capacity, licensing limitations, understand their ability to support their team, and increase available hardware and software to the point where IT is confident they can handle all employees working concurrently on the system.
Instituting a trial run before the actual worst case scenario hits is key. The first time an organization tries a 100% remote work scenario, they will most likely fail. They will inevitably discover previously unknown bottlenecks, which is why the trial is so important. Take a day for everyone to work from home before it is mandated by a crisis.
The main takeaway here: plan for the worst and hope for the best. Having a plan that has been tested will help the team understand and rollout deployment easier, and can make a huge difference in the future. Roll out deployment as much as possible before employees can’t work and IT can’t support them.
While many companies have adopted off-site work for a small fraction of their employees and functions, transitioning to large scale remote work is very challenging not only from a process perspective but also culturally. Some employees require access to systems that only exist on premises, while others gain valuable satisfaction and fulfillment from face-to-face communications with peers, partners and of course customers.
Companies that have adopted the cloud early will discover that a large majority of their systems are already not bound to their physical office, while others, especially more established firms, are likely to rely substantially on tools deployed on premises or in their own data center.
Similarly, companies that have allowed some level of remote work will find their employees more experienced and quicker to transition to a 100% remote atmosphere. Employees used to working from home once a week will most likely have a better at-home work setup and understand the pitfalls of remote work already, which makes the transition easier than for those with no experience.
However, being mindful of the ways companies can facilitate remote work can dramatically help productivity. For example, instilling a culture of turning on video for a work call can help the team feel some level of camaraderie and social interaction.
This also brings up a challenging aspect for IT, especially when it comes to bring-your-own devices. With mandatory remote work, the majority of employees are of course unable to get into the office. The only bridge to work is through their laptop, or in some cases through their mobile device. The question is, how does this affect the help desk? How does this affect network control? Many organizations have built their monitoring capabilities based on the network. The problem is, now that employees are remote, monitoring the network will look like a connection to a single device. The VPN holds the entire communication, which makes it very difficult to identify various activities from a network perspective.
To address this, some organizations have mobile device management in place. Even so, at a constant distance, security becomes far less efficient and far more difficult. It puts a significant amount of anxiety on the heads of IT and security. The security topology for networks was about the separation of the inside and the outside by the IT perimeter. With all employees working remotely, our enterprise network now includes assets that are completely unmanaged, like every single employee's home assets.
Transitioning to 100% remote also affects the agility of the IT and security departments. Unfortunately, hackers often take advantage of global incidents to find new ways to attack, and COVID-19 is no exception. But now, defending against these attacks becomes more complex. No longer can an employee with laptop issues hand their laptop to IT and get a loaner. Realistically, IT may not even be able to ship a laptop to an employee in a reasonable timeframe.
Further, there are a lot of risks around enabling rapid support requests. Prioritization must come into play, and first and foremost, baseline operation needs to be successful. Every organization should maintain a local stock of computers that are configured and can easily be shipped to an employee in the event of an incident. The best way to approach this is to simultaneously implement strong computer hygiene to ensure users don’t install malicious software or take unnecessarily risky actions. Use a monitoring solution that monitors from the endpoint, instead of the network, like an endpoint security solution. Endpoint security solutions give visibility into malicious actions on the machine itself, remotely or on site, not limited to the network activity. Reducing risk comes from implementing a combination of security measures.
This new reality brings a lot of challenges to organizations, both process-wise and culture-wise. It’s ITs time to shine and show that the business can modernize itself very quickly to a changing environment when necessary. Doing all of that securely brings on its own set of challenges.
For many organizations, there is still time to prepare. Innovation should be starting now, by developing secure business continuity plans and simulating work from home scenarios to see exactly what works and what doesn’t.
For more information on securing your new remote workforce, check out our new resources page focused on maintaining secure business continuity.
-1.jpg)
Yonatan Striem-Amit, CTO and Co-Founder of Cybereason, is a machine learning, big data analytics and visualization technology expert, with over a decade of experience applying analytics to security in the Israeli Defense Forces and Israeli Governmental Agencies.
All Posts by Yonatan Striem-Amit
Cybereason CEO Lior Div honors Employee Appreciation Day and reflects on the core values of Cybereason and why it's important to appreciate employees 365 days a year.
Three-quarters of Retail organizations reported a significant loss of revenue after suffering a ransomware attack, more than half (58%) experienced employee layoffs, and one third were forced to temporarily suspend or halt their business operations altogether...