Three ways you can give CISOs peace of mind about remote work

If there’s one thing that keeps your customers’ CIOs up at night, especially now, it’s cybersecurity. Which is why I think it is a good time to show them how to take their cybersecurity to the next level.

Securing remote and hybrid work has become one of the top priorities for C-level executives in Australia and throughout the world. The number of attempts by hackers to break into companies’ networks has shot up – KPMG reports that this number rose by 47 percent in 2020 and it is projected to be even higher this year.

This is one reason why the work of many CIOs, CISOs and even CEOs is more demanding than ever, and why it might be taking a toll on their mental well-being. Even before the pandemic, it was shown that CISOs in some countries struggled with stress – results of a survey of US and UK CISOs published in 2019 by Nominet found that 91 percent of all the CISOs interviewed claimed to suffer from moderate to high stress, and nearly 17 percent used medication or alcohol to deal with it.

But even though your customers are now dealing with an even tougher cybersecurity animal, you can help them tame it with the following intelligent investments.

Beyond Identity & Access Management: as the saying goes, trust but verify

Security executives already know the importance of Identity and Access Management (IAM), but now that remote work is the norm they need to pay even closer attention to it.

The words IAM are usually associated with password management, user access policies, single sign-on and identity governance, but these measures mightn’t be enough to give your customers peace of mind.

Which is why some CISOs are now going further by adding a layer of verification and validation on top of traditional IAM. This could be in the form of multi-factor authentication that falls under the umbrella of Zero Trust Security.

A Zero Trust Security architecture is not only designed to verify your employees’ identities via Multi-Factor Authentication (MFA), but it also validates the device they ‘re using to access the network and pushes for enabling conditional access to applications.

In July 2020, McKinsey predicted that IAM would continue to be a high priority for security spending, and rightly so. But going beyond IAM and building a Zero Trust Security architecture is smarter and will potentially reap higher returns, not to mention peace of mind.

Implementing a digital first culture, powered by virtual workspace solutions

The pandemic made VPNs a household word in 2020, but your clients can do better. Don’t get me wrong, VPNs do indeed play a crucial role in helping us navigate remote working ‘waters’, but they were never designed to serve the purpose that they’re being used for now.

Yes, that’s right, VPNs were never allocated or designed to support a 100 percent remote work business culture. That’s why you hear many employees complain about productivity and network slowness, and one reason they get frustrated. Trust me, when a task takes four times as many hours than it's supposed to, it burns you out mentally and physically!

What’s a more elegant solution? I recommend virtual workspaces. Digital workspace solutions can address most of the risks that come with traditional VPN technology. They give employees a better experience, because they don’t expose them to the ‘slowness’ issues that typically arise as a result of VPN crowding. And they enable users to access all the applications they need via one central location from anywhere in the world, simplifying remote work.

Although digital workplace solutions are more expensive than a VPN-based setup, they inherently take care of such critical factors as network security, end-point security and end user single-sign-on. They also use MFA to manage a user's access without additional investments in piecemeal systems.

Choosing between a VPN and digital workspace software can be challenging and the choice should depend on multiple factors governing your clients’ remote work strategy. Those factors may include the ratio of contractors to full-time employees, privacy levels needed to suit their organisation’s business model, and the robustness of existing infrastructure. So, although digital workspaces are an elegant solution, consider all the relevant issues before advising your clients to purchase one!

Data is your oil. water, gold and everything else, so back it up

Your clients can never have enough backups and layers of protection for their data, because it is one of their most valuable intangible assets. Data leaks can cost millions and holding of data for ransom can end companies.

The ransomware scenario is as grim as it sounds. So, a mature data management strategy that includes strong backup and recovery mechanisms is essential!

Other factors worth considering are the ability to backup remote systems and how frequently you or your client backs up data. CISOs, in general, would do well to invest in solutions that allow them to execute all aspects of their data management strategy remotely and solutions that continuously back up critical data.

From a security perspective, you can also recommend clients evaluate create an in-house data lake to gain more control of their data and to lower the chance of it being manipulated by hackers.

And reinforce that advice – your clients must back up their data and continuously update their data management strategy.