In the rapid move to remote working earlier this year, many organisations signed on for programmes and systems that were only intended as a quick fix, or compromised security altogether in the scramble to keep the business operating. Now, they're dealing with consequences.
That was the message Javvad Malik, Security Awareness Advocate at KnowBe4, shared in a recent websem, now available on-demand.
"Many organisations have accrued a lot of technical debt, for lack of a better term, to get people working remotely," said Malik. "They've enabled remote access to servers that they traditionally would never have given access to, or they might have relaxed some security rules. I heard of an organisation that actually dropped 2FA to allow all of their employees to easily connect into the office, because they didn't have enough resources to deploy 2FA to everyone, or train them up, or to deal with the number of tickets that would inevitably come in.
"There were lots of quick fixes put in place to enable remote working. What CIOs really need to be aware of is what the risks are that those fixes carry, and have a plan of how they're going to remediate that now and in the future, and what that looks like when there's a phased return to office."
Malik discussed how the first lockdown, which was announced and implemented very quickly, caught many organisations flat-footed. He said that compromising security to keep the business operating is not uncommon, but that the resulting risk must eventually be faced and dealt with, sooner rather than later.
"The first lockdown was rolled out quite suddenly. There was a phase when companies were caught unaware. For many of them there was so much uncertainty as to whether the business would even survive, or what furlough payments would look like or what help they would get; so I think the main driver there was a case of surviving this, and whether there would be a viable business at the end of it. We see it often, whenever there's a special scenario like that: cybersecurity controls are often lowered just to help get through that initial period. It's not something that's unheard of, but because this is going on for such a long time... we need to put in place plans to build up that security capability again."
Quick fixes like VPNs and lowering security standards only address the immediate problem. Going forward, Malik said, it is important for IT leaders to establish and maintain good lines of communication - with everyone.
"That's something that people miss when they're not in the office. You don't want them to hear about company news from their colleagues or by reading it online or from the corporate blog; you want open and clear lines of communication, so that the employee themselves know, hey, if I have a problem...how do I contact IT? Maybe remote working has changed how they log tickets or how they contact the helpdesk... As long as the employee knows who they can ask and how they can ask, and that they're going to get a response in a timely manner, that's far more important [now]."
To watch the whole websem, including Computing's research into cybersecurity in the pandemic, and some very insightful audience questions, click here.