Gartner 2020 Market Guide for Insider Risk Management Solutions | Get the report →
  • Partners
    • Technology Partners
    • Reseller Partners
    • Partner Portal
  • Customer Toolkit
  • University
  • Support
Code42 Logo
  • Products
    • Incydr™ Data risk detection and response for insider threat Product Overview right arrow icon
      • Features
      • Detection
      • Investigation
      • Response
      • Use Cases
      • Remote workforce monitoring
      • Departing employee monitoring
      • IP theft detection
      • View All
      • Information
      • Product Plans
      • Deployment
      • Integrations
      • Developer Portal
      • Trust & Security
      • Services
    • CrashPlan Cloud Endpoint data backup & recovery for the enterprise
  • Solutions
    • Insider Risk
    • Data Exfiltration
    • Incident Response
  • Company
    • About
    • News
    • Careers
    • Leadership
  • Resources
    • Resource Center
    • Reports, eBooks, Videos
    • Events & Webinars
    • Customer Stories
    • Product Resources
    • Integrations
    • Developer Portal
    • Trust & Security
    Data Protection: Code42 vs. DLP Leave DLP behind with a better, risk-based approach to protect data. Learn more right arrow icon
  • Blog
  • Get Started
  • Partners
    • Technology Partners
    • Reseller Partners
    • Partner Portal
  • Customer Toolkit
  • University
  • Support

REMOTE WORKFORCE

Getting Real on Working From Home: Security and IT Practices That Are Here to Stay


5 MIN READ

SHARE

Code42

If history has taught us anything, it’s that change is always constant. The most successful companies of this generation—think Apple and Amazon—embraced drastic change in order to thrive. During the COVID-19 pandemic, organizations are being challenged by change with the unprecedented speed required to shift entire workforces to remote work, with security and IT teams shouldering the brunt of this challenge. 

To support a large number of employees working remotely, security and IT professionals had to make countless adaptations in the span of a week, or even a few days. VPN capacity had to be tested, new collaboration software was adopted and office hardware was moved from work desks to personal desks, out of reach from the IT team. We are sure your respective teams dealt with the same challenges.

Now that we take a look back, did we execute this security shift correctly? The answer might not come until a year from now when an inventory audit reveals a few misplaced desktop monitors. But in the meantime, we have compiled an assessment of the immediate aftermath, a catalog of what worked well for CSOs and CISOs in their attempts to properly secure data across remote workforces, and what they admit might not have been the best route.

To Continue Reading…

Share a few pieces of information and we’ll personalize your experience with us

What works: Security and IT practices that are here to stay

1. Focus on security fundamentals first 

Whether you are working from home or not, one thing that shouldn’t change is basic security hygiene. Make sure you are prioritizing confidentiality, integrity and availability. Otherwise any additional security and IT efforts won’t have a foundation to grow off of. In addition, ensure your IT and security teams are working cross-functionally; a siloed team will not be able to strengthen these fundamentals. 

2. Test VPN capacity 

VPN capacity is a large concern for IT and security teams, especially when their previous architecture only supported a fraction of the organization working from home. After many tests and modifications, you have probably found the balance between full-tunnel and split-tunnel VPN that best fits your organization. But as the workforce starts to de-mobilize, this testing will continue. Some employees will continue to work remotely and we may never return to a time where the majority of the workforce is connected to the corporate network.

3. Continue security education and awareness for the entire organization

External attackers did not sympathize with the global pandemic in 2020. In fact, they exploited it, stooping to an all-time low with an onslaught of phishing attacks, new malware and credential stuffing. It’s important for the entire organization to understand how they can help prevent these attacks, as well as other security breaches, especially when your team has enough on their plate already. Consistent chat communications and email reminders can go a long way for your organization’s ongoing security awareness and training program – and it’s a practice that is important to maintain regardless of where employees work.

4. Ensure visibility to your data

Let’s talk about data management and monitoring. Does it require you to identify and tag what’s important? Is it driven by policies? Do you know what’s going on when employees are not  connecting to VPN? These are a few of the questions that are important to answer. When you combine the adoption of new collaboration software with employees who do most of their job while disconnected from the VPN, it doesn’t take long for a highly-classified document to move to an undetected location. Policy- and network-based security tools have inherent limitations. When approaching data security, it’s essential to plan for visibility into security vulnerabilities and into the riskiest behavior regardless of where and how employees are working. Collaboration tools should spur innovation, not cause a security headache.

Lessons learned: Examining the failures

1. Physical asset management

This was a huge challenge—how does the IT team keep track of every piece of hardware that was relocated to work from home? How do you get loaner computers to employees who need one? For some companies, it was the first time they needed to have a virtual help desk. The best way to work through it? Document as much as you can, and understand that it may not work out perfectly.

2. Business continuity plans

While many scientists (and even Bill Gates) may have been warning about a pandemic for years, organizations were unprepared. Rather than being dusted off, business continuity plans were assembled in a matter of days, and executives were making really tough decisions to questions that they never imagined needing to answer. At this time, they were wishing they had taken action sooner. A business continuity plan should be strategic, well thought out and prepared in advance. This is a document that needs to be updated periodically moving forward.

The biggest challenge: Keeping a people-first mindset

In the end, technology is just the enabler for remote work. Having a people-first focus is the best first step for embracing change in your security and IT practices. Engage with your remote workers over non-related work topics—they aren’t spending those few extra minutes chatting at the help desk or joining midday coffee runs. Support your employees as people first. Otherwise, you aren’t benefiting your company.

Code42 logo
Code42 logo

Code42

  • About Code42
  • News + Events
  • Awards
  • Investors
  • Leadership
  • Careers
  • Contact Sales

Learn More

  • Insider Risk Ecosystem
  • Reseller Partners
  • Federal Solutions
  • Higher Education Solutions
  • CrashPlan for Small Business
  • Customer Stories

Support

  • Help Center
  • Code42 University
  • Professional Services
  • Twitter Twitter
  • Facebook Facebook
  • LinkedIn LinkedIn
  • YouTube YouTube
  • Terms of Use
  • Privacy Statement
  • Impressum
© 2021 Code42 Software, Inc. All rights reserved.
Get Started with Incydr™
Contact Salesright arrow icon
We'll have an insider threat expert reach out within 24 hours
Start Free Trialright arrow icon
Try Incydr at no cost for 30 days to quickly uncover your data blindspots
Interactive Demo
Take Incydr for a spin in our free sandbox environment.
Launch the demo right arrow icon
Explore the deeper functionality of Incydr™
Contact Salesright arrow icon
We'll have an insider threat expert reach out within 24 hours
Interactive Demo
Take Incydr for a spin in our free sandbox environment.
Launch the demo right arrow icon

This website uses cookies to improve your user experience and to provide content tailored specifically to your interests. Detailed information on the use of cookies on this website, and how you can manage your preferences, is provided in our Cookie Notice. By clicking I Agree or continuing to use this website, you consent to the use of cookies. Learn more.

Code42
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.