Connect with us


Security Benefits of Returning to Office

Security Benefits of Returning to Office

By John Pirc, Director of Product Management at Alert Logic

COVID-19 has changed the way we do business and in order to remain viable, almost every industry had to accommodate a virtual workforce to some degree. Technology certainly has its advantages, but working from home can also come with a lot of drawbacks. The work-life balance has blurred, and people have spent even more time online for work, school, shopping, entertainment and socializing.

As a remote/virtual executive in cybersecurity, my average work week went from ~55 hours to ~80 hours. This became the new normal, working weekends and helping my children with school. I love my job and to me it’s like playing Xbox, however, 80+ hours is not a happy work-life balance. The return to the office is a great thing for social interaction and collaboration. This will start to regulate the work-life balance as life starts to return to a sense of normalcy.

To execute the shift to a remote workforce, many organizations accelerated their transition to hybrid cloud infrastructures, complicating their efforts to maintain security against cyber threats. Enterprise grade security for remote users has been a challenge as corporations had to rely on endpoint and cloud-based security. Security is easier when you have control and the return to office puts more control on the endpoint. The human element is always what causes a security breach, whether it is lack of patching, poor hygiene, password complacency, etc. While organizations will never be 100% secure, the return to office enhances the security team’s visibility and understanding of assets. Shifting back to office gives more visibility to the infrastructure as a whole, rather than every person operating remotely.

Collectively, the pandemic has completely restructured how we all do business. Having spent most of my career working from home, I’ve gained a seasoned appreciation for the importance of separating business from personal use on a corporate laptop. The pandemic has closed the gap on forcing more people to work from home, increasing the risk to any organization, especially in the SMB and mid-sized market. Don’t get me wrong – these organizations may have the basic security controls, but their security teams are lean and don’t have the type of funding and expertise of a large enterprise corporation.

The shift to work from home placed all industry verticals in the same conundrum, especially those that didn’t have a remote workforce. The big question is: “How do we secure the remote user?” Working from home can be secure given a couple of basic technologies such as VPN (Virtual Private Network) and Client and Endpoint Detection and Response (EDR). However, companies need to factor in the human element and trust that employees are maintaining good security hygiene, especially for the executives and leaders of the company.

However, it’s not just technology that keeps you secure but its people and processes, which isn’t often highlighted. The people aspect of reducing risk is through education. Education can be delivered through corporate delivered phishing campaigns to assess security awareness and address those issues through training. The process aspect can be achieved by password enforcement (password rotation and changing passwords every 90 days, etc) and ensuring all cloud-based systems and SaaS application are configured securely, which would happen regardless if the user is working from the corporate office or home.

Protecting an on-prem environment is tough enough, but it’s less complicated than protecting remote workers. The transition to remote work presented openings to bad actors, in effect stress-testing some organizations. Lessons learned securing data assets during the pandemic could serve to create a more secure hybrid environment when people return to the office, as more companies have deployed new best-practices to accommodate a shifting workforce dynamic.

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate


Newsletters with Secrets & Analysis. Subscribe Now