A few weeks ago, Hysolate was honored to host a series of roundtables about COVID-19 challenges and implications at GDS Group’s Security Insight Summit. Can you guess what CISOs and IT execs said their biggest struggle has been?
Enabling their workforces to effectively work from home.
For many companies, WFH has meant a total 180 in the way they typically operate. Until about three months ago, everyone was in the office. In many cases, even customer interactions were face-to-face. When COVID-19 pandemic hit, employees and customers had to instantly learn a new way of doing business. IT teams had to rapidly set up infrastructure that facilitated large-scale remote working, almost completely from scratch. The undertaking was massive.
Other organizations that had some degree of remote workers and distributed teams had a head start in terms of infrastructure and tools. But with the switch to enterprise-wide WFH happening practically overnight, they had to quickly address scale, capacity, and security issues.
Luckily, participants said, the urgency to get people online and companies back to business meant IT could procure critical hardware, software, and services without going through endless budget meetings.
With cyberattacks on the rise and so many employees using their own computers that don’t meet corporate security standards, or corporate devices that household members may have access to, security has never been more important. But the same goes for productivity. The challenge is how to ensure both.
Our round table participants equated balancing WFH IT security and productivity with balancing similar COVID-19 mandates. With COVID-19, you need to enforce enough precautions to stop the spread and keep people safe, but without locking down and further stalling the economy. Similarly, IT organizations need to impose enough security restrictions to protect their companies while still ensuring WFH employees can easily access the resources they need to perform their jobs.
To facilitate massive-scale WFH companies took a variety of actions, including:
- Immediately rolling out Zoom for Cloud based web conferencing apps, Zoom being the prominent one mentioned, and adding security protections such as encryption
- Accelerating their transition to the cloud for enhanced user access, productivity, and security
- Requiring workers who had been logging into Microsoft Teams as guests on their personal devices, to instead enroll in Office 365, which includes Teams, so that IT can enforce appropriate policies
- Upgrading VPNs to support thousands of people without lag times
- Implementing Network Access Control to facilitate instant, remote patching
- Establishing zero-trust workstations by using isolation technologies
No one knows how long WFH will be required or how many companies, like Twitter, will allow employees to WFH forever. The CISOs and IT leaders at our roundtables had lively discussions about whether WFH could or should replace working at the office, once conditions are right. (Most agreed some in-person interaction is needed to foster relationships and productivity.)
One thing seems certain, however. The need to balance productivity with security will never go away – not even if/when people return to the office.
Find out how Hysolate’s OS isolation platform enables you to secure corporate information without restricting users. (Hint: Hysolate splits a single physical endpoint into multiple virtual OS environments – one fully locked down and reserved for sensitive information, the other open to the Internet, email, USB sticks, and used for day-to-day work. A virtual air gap completely separates the two.)