Written by Jason Sabin, Chief Technology Officer at DigiCert.
It’s been two years since the WHO declared COVID-19 as a pandemic on March 11 2020.
Businesses were forced to shut down their offices and reimagine new ways of working. Two years later, companies are reopening again, but it is clear that the workplace has changed forever.
Organizations have adopted innovative solutions to adapt to remote working and most of them see hybrid work continuing beyond the pandemic. According to Gartner, 82% of business leaders plan to maintain at least a partial work-from-home structure even after the pandemic has fully passed.
Employee expectations have evolved as well. According to Milieu Insight’s recent survey, working remotely seems to be the prevailing choice among employees in Singapore with 78% leaning towards a hybrid schedule. However, just as the workplace has changed, new cybersecurity issues have emerged.
Here’s how COVID has changed security in the workplace for good and the key takeaways to secure today’s remote workforce.
Pandemic increased cybersecurity attacks
A survey by PwC of a diverse group of business and technology executives found that 52% of CISOs in Singapore agree that the pandemic has resulted in greater emphasis on the quality of IT and telecommunications (ICT).
However, the number of cyberattacks in the region has increased, with 80% of organizations affected by ransomware attacks in 2021. APAC countries such as Indonesia, Japan and Singapore experienced the sharpest increase in attack activity till the middle of the year.
While there has been progress in safeguarding against cyberthreats, the cybersecurity battle is far from over. Unfortunately, as businesses go back to the office in some capacity, these unique remote problems will remain.
What have we learned from security issues caused by remote working
While working from home does have its merits, such as lower costs for businesses, this meteoric rise has led to some worrying IT security issues. These include:
● Cloud transition. Since the pandemic, remote access solutions are preferred, and organizations moved critical business processes to the cloud. However, if the appropriate security solutions are not adopted, increasing reliance on the cloud and creating agility in the cloud could result in security vulnerabilities being exposed. 55% of executives in Singapore believe that attacks on cloud service providers could potentially have a negative to a significantly negative impact on their organization. PKI can help secure the cloud and provide strong authentication and operational integrity at scale.
● Email phishing. Email phishing during the pandemic skyrocketed and continues to be a challenge as attackers find new creative ways to scam users. There is an increased priority to train workers and prepare them to recognize and know how to deal with threats since the pandemic and to develop best practices for secure email access.
● Varying remote devices. Mobile devices need their own unique security protection. But organizations are finding it a challenge to protect mobile devices from cybersecurity issues since 70% of remote workers in Singapore are using personal devices for work. A critical first step to resolving this is to deploy effective mobile device management (MDM) policy.
● No office-based cybersecurity. Companies are more vulnerable when their staff can’t use office IT security measures, like firewalls. Organizations should use tools to boost security and provide remote workers with secure VPN access.
● Protecting passwords. Employees should be trained on password policy best practices and organizations should implement multi-factor authentication. Additionally, with staff working from home, they may be tempted to share work passwords with friends or family to help them with certain work tasks. Obviously, this is a security issue and needs addressing with proper training for all staff.
● Secure document signing. With many organizations embracing the convenience of electronic documents, authenticating document signatures and content becomes crucial. A secure document signing process is especially important for industries that require numerous legally binding digital signatures, such as insurance, real estate, financial, healthcare and education, as well as businesses that are supporting remote workers or that want to offer remote onboarding in their digital applications to improve and accelerate customer engagement.
Securing today’s remote workplace
Currently, organizations are deploying a hybrid of work-from-home and in-the-office schedules for their staff. Unfortunately, a return to office life presents its own unique cybersecurity issues. As a recent example, many hackers are distributing malicious files and phishing attempts made to look like COVID-19 training documents.
The transition has been a difficult obstacle to navigate. It’s challenging enough to maintain operations and productivity while working from home, and even more to ensure complete remote cybersecurity. As companies embrace hybrid working arrangements and even see it as a permanent solution in the new normal, it is crucial to maintain efforts in ensuring the highest level of remote cybersecurity.
This can only be possible if companies step up their IT security with the right solutions and continuously train their employees to be vigilant against cybersecurity threats.