Challenges from the enhanced threat surface due to Covid-19 brought about a greater experience in handling cybersecurity with a majority of all employees shifting out of the organisational boundaries in a short span. The massive shift to a remote working culture put enterprises at the mercy of cyber hygiene.
For any enterprise to be able to protect data in a distributed network of remote workspaces, information tracking and security policies need to be deployed with the business able to minimise security risks and achieve business resilience. By making significant adjustments to the rules for monitoring and use-case generation, employees could adapt to the new ways of working. All our endeavours, including data aggregation and analytics for operations and infrastructure provision planning, take into consideration employee privacy mandates. Organisations have also developed new models to monitor employees for reasonable assurance of their productivity without conflicting privacy mandates.
Enterprises need to ensure a proper borderless security architecture is configured when devices connect from remote locations. Organisations which are not able to make this shift are the ones who are at a risk of falling prey to cyber-attacks.
How can companies lean on security to foster digital trust with customers?
As digitisation becomes more advanced and cyber-attacks get more lethal and sophisticated, organisations need to be always on their guard. One way of doing that is to keep an eye on security. The secret lies in empowering and enabling all stakeholders to practice security. The principles of secure by design and privacy by design can play an important role in ensuring that security is embedded at the beginning and in every stage of the business cycle. Security also needs to be designed into every enterprise architecture. Privacy-related regulatory mandates have made it essential to incorporate privacy by design in almost every project. This plays a key role for organisations to gain digital trust which is a huge competitive differentiator today.
How can enterprises balance security and convenience to optimise the customer experience?
The time has come to focus on developing security for people. With cyber criminals increasingly targeting remote workers, additional vulnerabilities have been created. Our default reaction is to blame the victim, even penalise them. It may be vital, however, to look at why the incident occurred. The following best practices should be considered to balance security and convenience and create a better user experience.
Upgrade VPN infrastructure to allow more bandwidth and ensure fast and seamless access to company resources for remote workers.
Test new models for connecting effectively. For example, creating various levels of authentication based on a trust score and built from the risk factors found for each user or activity, i.e., Adaptive Authentication.
Implement security technology and processes that are designed with the user experience in mind. For example, fine-tune session time-outs so that there is a fine balance between user experience and security.
Ensure security is ingrained as an integral part of remote worker behaviour. Publish FAQs and other supporting documentation, conduct workshops and training to allay confusion and any resulting risks with respect to remote access.
With all these measures implemented, it is essential to embed security into each level of the organisational process for a safe business ecosystem.
(This is a slightly modified version of an article originally published in Financial Express. The original article can be found at https://www.financialexpress.com/industry/technology/security-needs-to-be-embedded-in-every-stage-of-the-business-cycle/2194060/)