In the latest installment of Java with Otava, Product Manager Chris Rizzo discusses what security postures organizations need to consider to have a successful remote workforce. You can check out more Java with Otava videos on our YouTube page.
Hello and welcome to another episode of Java with Otava. My name is Christopher Rizzo, I’m a product manager here with Otava. Today we’re going to be talking about security considerations for your remote workforce. So, grab your favorite cup of joe and we’ll dive right in. The three things I wanted to cover today are first, just how the landscape around remote workforce has changed with Covid-19 then we’ll dive into the things that you want to consider when securing your workforce remotely and then end on the one thing I am most excited about, is sharing with you today the one thing that you can do to reduce your risk of being compromised by 99.9 percent.
Starting off here obviously, in the last couple months the demand for remote workforce has dramatically increased amid Covid-19. One thing that people and companies may not realize is, according to 451[Research] of all new policies and changes to remain in place long term, or become permanent as a result of Covid-19, far and away the number one answer is expanded or universal work from home policies. The short-term impact has been dramatic but is also expected to be long term and permanent so something to consider as we’re transitioning to a more and more remote workforce. The other thing I wanted to highlight is around the threats that have been introduced through Covid-19. This is according to one of our partners, Trend Micro, not only spam messages are on the dramatic rate of increase but also malware and malicious URLs. So, it’s becoming more and more important, as employees’ transition to a remote workforce, that those networks are secure and that you have the proper policies and procedures in place to protect your company and your data.
As we dive in here, I wanted to touch on three key areas that I think everyone, every business should be thinking about as we move to remote workforce. The first one being around BYOD or COPE device support, there’s a variety of different things that you can do to help protect that remote workforce. The first being around access control, so whether it’s throwing passwords or actually mandating NFA, which we highly
recommend, you want that access control to be the most secure it can be. Also, around mobile device management and device protection, you want to make sure that you have some rules and procedures around lost and stolen devices, you want to make sure that that data is being backed up in that event. Also, another key consideration here is as computers are no longer on the local area network, it becomes more and more difficult to monitor and manage those critical vulnerability patches. So you want to make sure that you have a system in place that ensures those mobile devices are being patched. Secondarily, a lot of companies have put in place remote VPNs over the years but, as we’ve sort of reached near peak remote access requirements, you want to revisit that for performance, capacity and cost factors. So, review the hardware, the bandwidth, the licensing required to meet that demand, but also consider traffic management and non-essential traffic offload to really ease the bandwidth constraints that you might be facing.
Finally, and perhaps most importantly, is around employee security training. As many people know, phishing and social engineering remains at the top of the security threat list. It’s become more and more critical to educate employees on the latest scams, make sure that as they’re working from home their home router has proper security in place and then also institute and utilize secure official communication channels so that employees become aware of what is official communication of what might be suspicious, phishing or social engineer campaign. I wanted just to end here on a quick note, a simple thing that you can put in place, and might have a dramatic impact on your risk of being compromised, is multi-factor authentication. From another of our partners, Microsoft, based on their studies, your account is more than 99.9 percent less likely to be compromised if you use MFA.
So, if there’s one thing that you take away from this presentation, is good MFA in place and it can have a dramatic impact. I wanted to end on a thank you. You know that Otava is here to help whether you’re ready for a remote readiness assessment or you just simply want to talk security with us, please reach out to us at Otava.com, we’re here to help. Be safe, be well; this is Chris Rizzo signing off, thank you.