Data security in a newly remote world

As we operate from a home environment, vulnerabilities can be found everywhere— from devices being compromised and not being up-to-date with adequate security defences.
  • Updated On Apr 30, 2020 at 12:32 PM IST
Read by: 100 Industry Professionals
Reader Image Read by 100 Industry Professionals
By Vishak Raman

As nations across the globe band together to fight the Covid-19 pandemic, millions of people are doing their bit by staying indoors and working from home. Presently, social distancing is undoubtedly one of our strongest defences, and it is truly inspiring to see how quickly individuals, companies, and governments have adapted to new ways of working, learning, and communicating, all fuelled by technology.

Today, remote collaboration is being effectively and extensively utilized on all fronts — from crisis management and ensuring the delivery of essential services to citizens, to the running of businesses and keeping people entertained at home.

Advt
However, while remote working itself is not new, the sheer scale and magnitude of this new normal are entirely unprecedented and have brought a very real challenge to the fore – data security. Data security has always been crucial for the IT industry, but now, it has become one of the most pressing concerns for everyone, be it individuals and small businesses, or enterprises and state bodies.

Given that the lines between the office and the home have blurred, the threat landscape has grown exponentially, with millions of additional devices connected to the internet at the same time.

Another factor contributing to cybersecurity becoming a high priority is the nature of data being exchanged digitally. For example, government bodies are using digital channels to track, monitor, and manage the crisis across the country in real-time.

Hospitals and healthcare facilities are turning to telemedicine, including remote ICU wards and online consultations, to reduce the risk of exposure for medical staff. The agriculture departments of some states are remotely connecting with district mandis to regulate the prices of fruits, vegetables, and ration.

Schools, colleges, and universities, including IITs and IIMs, are virtually educating students, and medical institutions have been training healthcare workers over video. With such sensitive information being exchanged virtually, the need for securing data has never been more acute.

This is evidenced by the huge upsurge in cyberattacks since the onset of the pandemic. Attackers are increasingly leveraging the present crisis for their phishing, fraud, and misinformation campaigns. There has also been an escalation in cyberattack attempts on hospitals and healthcare institutions researching Covid-19.

Advt
Additionally, corporates are also presented with a new set of cybersecurity concerns, with remote working increasing access, expanding the attack surface, and leading to gaps in visibility. Organizations that, until now, functioned primarily out of offices were equipped with cybersecurity products that protected user identity and data at the end-points.

Now, as we operate from a home environment, vulnerabilities can be found everywhere— from devices being compromised and not being up-to-date with adequate security defences, to the trust issue of user identity over the internet and user profiles working with IPR data.

As a result, ransomware attacks on corporates are on the rise. These attacks, if successful, allow cybercriminals to gain access to a firm’s systems and encrypt the data stored in them, putting enterprises and their employees at risk.

While a few organizations were already providing secure remote working solutions for some of their staff, the challenge now is to extend the same level of security to every single employee working remotely. For this, it is imperative to adopt a Zero Trust approach to data security, which can be achieved by implementing a five-pillar strategy:

  1. Secure mobility and client-based VPN with enforced, risk-aware, and adaptive access policies
  2. Securing all local network access through cloud-based DNS Secure internet gateway for web and app-based proxy control
  3. Deploying cloud-based Adaptive Multifactor Authentication (MFA) to ensure the trustworthiness of users and devices
  4. Protecting end-points with EDR (End-point Detection and Response) and Data Leak Prevention
  5. Tightening security operations (SecOps) management for enhanced threat detection and prevention
But how do we deploy these solutions at scale across the company and over dispersed locations? How do we ensure that these measures are executed quickly and efficiently? I will be addressing each of these solutions and their applications in finer detail in my next blog.

The world is moving online at a speed that was unimaginable only a few weeks ago. With a digital economy waiting in the wings, and virtualization taking place in every industry, cybersecurity becomes critical to safeguarding people, assets, and information.

Still, more than any singular security solution, the mindset around security has to change first. Here, I believe leaders can truly make a difference in how their firms view cybersecurity – as an imperative that must be considered as a top priority in the overall organizational strategy.


The author is Director, Security Business, Cisco India & SAARC.

DISCLAIMER: The views expressed are solely of the author and ETCIO.com does not necessarily subscribe to it. ETCIO.com shall not be responsible for any damage caused to any person/organisation directly or indirectly.




  • Published On Apr 30, 2020 at 12:30 PM IST
Be the first one to comment.
Comment Now

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles
Scan to download App