Fully remote working was of course forced onto many organisations that were not prepared for it in 2020, and since then it has become one of the toughest issues for many to navigate and overcome.
Statistics taken from the recent Microsoft Work Trend Index Report1 show that the complete switch to remote working has resulted in sustained levels of productivity, though at the cost of employees feeling digital exhaustion, overworked and under-valued.
So, it’s becoming clearer that employees don’t want a completely remote experience whilst working. There needs to be a balance between remote and on-premise working that provides the benefits of both; higher focus, more freedom, less commuting and the human interaction that is so critical to maintaining a happy and engaged workforce.
Hybrid working is the best of both and is being adopted by many organisations as we near the end of 2021.
Approaches to this new style of working are all different, though all share one challenge … maintaining cyber security.
Having helped thousands of organisations with their cyber security requirements, here are our tips to transition to a secure hybrid workplace.
Start with a hybrid working policy
Parts of hybrid working such as ownership of a portable company device or using a personal device to access business sites and applications is unlikely to be suitably covered in standard, existing policies. If you’re planning on introducing hybrid working, the first thing you should consider is a new policy that specifically covers the expectations when working away from the office. This also helps to send the message that cyber security is of the utmost importance.
Gain total visibility of endpoint, network and user activities
Previously, we would have broken this tip down into several points, covering endpoint protection, user behavioural analytics, response automation and managed detection and response separately.
Though XDR solutions are rapidly growing in popularity, combining all of these areas into a single, unified platform.
XDR (Extended Detection and Response) ticks all of the boxes when it comes to monitoring threats across the network and alerting and responding promptly, making it the ideal cyber security solution if you are looking to transition to hybrid working.
The benefits of introducing an XDR solution include:
- Full automation – Automate all workflows across the breach protection lifecycle, from proactive monitoring to incident response.
- Save costs and resources – Reduce the requirement for expensive cybersecurity engineers
- Reassurance – that a 24×7 team of cybersecurity professionals is monitoring for abnormal or threatening behaviours
- Incident response – included with every service.
Internet usage visibility across all of your cloud applications
Cloud applications are essential in a hybrid working environment, though can be difficult to secure when accessed from outside of the office.
Without visibility of the access and utilisation of these services, the threat of advanced malware, data security and malicious or accidental insider access can rise. The usage of Social Media, data storage and CRM’s is then unmanaged and un-monitored and can be easily abused.
A Cloud Access Security Broker (or CASB) solution allows you to take back control by discovering, analysing, securing and managing cloud activity within your organisation.
Start by setting rules and parameters for each of your cloud applications. This ensures that you can control usage and know immediately that you have control over your user’s use of Social Media, Data Storage and CRM content.
Ensure secure authentication with multi-factor authentication
Multi-factor Authentication (or MFA) has been a security staple for years and is arguably one of the most critical components to secure a hybrid workplace.
We highly recommend deploying an MFA solution that provides a wealth of authentication options with minimal impact on user experience, maintaining efficiency whilst keeping your organisation secure.
Deploy an MFA solution straight into your private cloud, as a hosted solution via AWS and Azure, or as a fully managed cloud service.
Ensure staff are trained and vigilant to spot and stop phishing attacks
By allowing employees to work between home and the office, you are having to put a lot of trust into their own ability to spot a phishing scam when they see one. The perceived ‘safety net’ in the office is removed and with the sharp increase in phishing scams, the risk of falling victim to a phishing attack has risen.
If you haven’t already, now would be a good time to train employees on the latest cyber threats and maintain vigilance, with regular simulated phishing tests.
We’re currently helping thousands of organisations to keep cyber security front of mind across the workforce with our fully managed Security Awareness Training and Testing service.
