The national lockdown forced a large contingency
of the South African workforce to work from home and as it is somewhat of a new
notion, it had its fair share of challenges. Yet a recent study by World WIde
Worx, Remote Working in South Africa 2020, shows the shift to
remote working has led to improved productivity for 29% of organisations.
However, companies that preempted their digital transformation strategies prior
to the impact of the global pandemic saw an increase in productivity of as much
as 70%.
Now that organisations and employees have seen
some of the benefits of remote working, many companies are likely to build more
flexible and agile working arrangements into their long-term strategies. For IT
departments, the impact is huge.
The digital fortress
Formerly, a company’s IT infrastructure was
contained within its own four walls. Employees used hardware such as PCs,
printers and phones which remained securely in the office, while software
programs and data were stored in on-premises data centres. IT had full control
over the performance, maintenance and security of the organisation’s technology
stack. Early remote working initiatives were tightly controlled with users
connecting to Virtual Private Networks (VPN) so that the only thing that left the
data centre was the employee and the limited hardware. Over the VPN, the IT
department could maintain visibility of security protocols and maintain
administrators’ rights to ensure employees were not installing unapproved,
potentially high-risk software.
Along came the cloud, which allowed organisations
to scale-up their data storage capacity as well as their ability to back up
files to remote locations. However, with the cloud came greater agility and
choice for employees. Shadow IT, the phenomenon of employees using applications
of their own choosing to store and access company data outside the data
centre’s four walls – on personal devices and online accounts – became a
challenge to IT departments. Fast-forward to 2020, when a large portion of
South Africans had the ability to work remotely, and the four walls of the data
centre have fallen as far as many businesses are concerned. Some organisations
found themselves supporting remote workers for the first time, with many either
utilising company-issued laptops and in some cases, their own personal devices.
From a cybersecurity perspective, this is a critical risk. Previously, the
data centre was compared to a fortress. Everything that went in or out was
strictly monitored and the threat from external sources was low. This is why
one of the most well-known forms of cyber-attack is a Trojan virus – one that
tricks the victim into thinking they are receiving or opening a legitimate
file, document, link, effectively inviting in the attacker. Now, not only have
the gates of the digital fortress been flung wide open, the people who used to
be inside are now distributed. And, every single one represents a possible
entry point for a malicious threat. The attack vector hasn’t just increased,
it’s exploded.
Increased threat vector
Twenty-four percent of surveyed organisations in
South Africa observed ransomware attacks in the last 12 months, with as many as
27% admitting to paying the ransom, according to recent reports. This
emphasises that the threat of cyber-attacks is increasing, alongside employees
using their personal devices for work, or company-issued devices. It is
essential that devices, and the data they hold, are secure as more devices put
data at risk from a security standpoint, but it also increases the attack
vector for any malicious activity. IT teams must educate employees on
cybersecurity best practices to reduce the risk of cybercriminals gaining
access to a network via phishing links and all remote workstations backed up to
secure endpoints are installed with protective, up-to-date anti-virus software
to ensure a safe and protected work-from-home situation.
It’s for these reasons that IT departments often
have little to zero visibility of whether or not employees are connecting to
the VPN, particularly when employees are using personal devices. Furthermore,
personal devices aren’t just being used outside the data centre’s four walls,
but in family home environments and shared households. Not only do IT teams
have far less control over the apps, websites, content they’re employees are
engaging with, there is no guarantee they are the only person using that
device. While the organisation might not have visibility of data now being
stored and used outside the four walls, it is still ultimately responsible for
it.
Given this vastly increased threat vector and risk
to data systems, organisations must ensure they have a robust Cloud Data
Management strategy in place to ensure data is backed up, protected and
recoverable across all devices and applications. Employee best practices and
training are vital to this – helping IT teams ensure that users are connected
via the VPN and storing company data in secure cloud environments rather than
personal accounts or their own desktops. If data cannot be backed up, it is not
protected, and in the event of unplanned downtime or a cyber breach that data
will be unrecoverable. Moreover, organisations are adopting Software as a
Service (SaaS) solutions in droves. For example, Microsoft Teams grew from 32
million users to 72 million between March 2019 and April 2020. For businesses
using SaaS solutions such as Microsoft Teams and Microsoft Office 365, backups
of data need to be conducted on a continuous basis – either on premises or in
cloud object storage. This will protect the business against a single point of
failure that is outside their control.
As a combination of working from home and from offices becomes increasingly commonplace – even for organisations who previously had little to no track record of supporting remote working – the cyber-attack vector will remain high. It is therefore critical that businesses have a clear strategy for managing data across their cloud and data provisioning. This includes ensuring data is backed up at all times, recoverable in the event of a disaster, outage or cyber-attack, and as protected from external malicious threats as possible.
