The national lockdown forced a large contingency of the South African workforce to work from home and as it is somewhat of a new notion, it had its fair share of challenges. Yet a recent study by World WIde Worx, Remote Working in South Africa 2020, shows the shift to remote working has led to improved productivity for 29% of organisations. However, companies that preempted their digital transformation strategies prior to the impact of the global pandemic saw an increase in productivity of as much as 70%.
Now that organisations and employees have seen some of the benefits of remote working, many companies are likely to build more flexible and agile working arrangements into their long-term strategies. For IT departments, the impact is huge.
The digital fortress
Formerly, a company’s IT infrastructure was contained within its own four walls. Employees used hardware such as PCs, printers and phones which remained securely in the office, while software programs and data were stored in on-premises data centres. IT had full control over the performance, maintenance and security of the organisation’s technology stack. Early remote working initiatives were tightly controlled with users connecting to Virtual Private Networks (VPN) so that the only thing that left the data centre was the employee and the limited hardware. Over the VPN, the IT department could maintain visibility of security protocols and maintain administrators’ rights to ensure employees were not installing unapproved, potentially high-risk software.
Along came the cloud, which allowed organisations to scale-up their data storage capacity as well as their ability to back up files to remote locations. However, with the cloud came greater agility and choice for employees. Shadow IT, the phenomenon of employees using applications of their own choosing to store and access company data outside the data centre’s four walls – on personal devices and online accounts – became a challenge to IT departments. Fast-forward to 2020, when a large portion of South Africans had the ability to work remotely, and the four walls of the data centre have fallen as far as many businesses are concerned. Some organisations found themselves supporting remote workers for the first time, with many either utilising company-issued laptops and in some cases, their own personal devices.
From a cybersecurity perspective, this is a critical risk. Previously, the data centre was compared to a fortress. Everything that went in or out was strictly monitored and the threat from external sources was low. This is why one of the most well-known forms of cyber-attack is a Trojan virus – one that tricks the victim into thinking they are receiving or opening a legitimate file, document, link, effectively inviting in the attacker. Now, not only have the gates of the digital fortress been flung wide open, the people who used to be inside are now distributed. And, every single one represents a possible entry point for a malicious threat. The attack vector hasn’t just increased, it’s exploded.
Increased threat vector
Twenty-four percent of surveyed organisations in South Africa observed ransomware attacks in the last 12 months, with as many as 27% admitting to paying the ransom, according to recent reports. This emphasises that the threat of cyber-attacks is increasing, alongside employees using their personal devices for work, or company-issued devices. It is essential that devices, and the data they hold, are secure as more devices put data at risk from a security standpoint, but it also increases the attack vector for any malicious activity. IT teams must educate employees on cybersecurity best practices to reduce the risk of cybercriminals gaining access to a network via phishing links and all remote workstations backed up to secure endpoints are installed with protective, up-to-date anti-virus software to ensure a safe and protected work-from-home situation.
It’s for these reasons that IT departments often have little to zero visibility of whether or not employees are connecting to the VPN, particularly when employees are using personal devices. Furthermore, personal devices aren’t just being used outside the data centre’s four walls, but in family home environments and shared households. Not only do IT teams have far less control over the apps, websites, content they’re employees are engaging with, there is no guarantee they are the only person using that device. While the organisation might not have visibility of data now being stored and used outside the four walls, it is still ultimately responsible for it.
Given this vastly increased threat vector and risk to data systems, organisations must ensure they have a robust Cloud Data Management strategy in place to ensure data is backed up, protected and recoverable across all devices and applications. Employee best practices and training are vital to this – helping IT teams ensure that users are connected via the VPN and storing company data in secure cloud environments rather than personal accounts or their own desktops. If data cannot be backed up, it is not protected, and in the event of unplanned downtime or a cyber breach that data will be unrecoverable. Moreover, organisations are adopting Software as a Service (SaaS) solutions in droves. For example, Microsoft Teams grew from 32 million users to 72 million between March 2019 and April 2020. For businesses using SaaS solutions such as Microsoft Teams and Microsoft Office 365, backups of data need to be conducted on a continuous basis – either on premises or in cloud object storage. This will protect the business against a single point of failure that is outside their control.
As a combination of working from home and from offices becomes increasingly commonplace – even for organisations who previously had little to no track record of supporting remote working – the cyber-attack vector will remain high. It is therefore critical that businesses have a clear strategy for managing data across their cloud and data provisioning. This includes ensuring data is backed up at all times, recoverable in the event of a disaster, outage or cyber-attack, and as protected from external malicious threats as possible.