Skip to main content

How the surge in remote working is forcing the issue of location agnostic cybersecurity

(Image credit: Shutterstock / Ruslan Satsuik)

Now that all but key workers are required to stay at home in the UK, we can expect to see an increased focus on the practice of remote working. We should remember however, that remote working has already been on the rise in the last few years for a number of reasons.

Travel disruptions can make it more time-effective, and less stressful for commuters to simply not travel on certain days – or even for extended periods. When we consider longer journeys, abnormal weather conditions such as storms and heatwaves, often cause significant disruption to flight and train schedules. In these cases, workers are stranded not at home, but sometimes in another country entirely. Faced with these challenges, many UK organisations are supporting the movement towards an increase in remote working as part of their overall approach to business. 

According to March 2020 figures from the ONS, 1.7 million people in the UK reported they work mainly from home, with over double that figure (4.0 million) having worked from home in the week prior to the survey.

People find they can work from coffee shops, libraries or co-location working spaces, a habit we can expect to see them return to later this year. In addition to these public spaces, there are thousands of dedicated offices where co-workers can hire desks, rooms or conference centres by the hour. There has even been the rise of the so-called ‘pro-worker’ – those who run their permanent businesses from temporary and fluid accommodation spaces.

Taking (remote) control

While driving efficiencies and improving employee work-life-balance, working from home, a coffee shop or a co-location (or pro-location) space is not anywhere near as cyber secure as being in an office. A lot more preparation is required to coordinate the activities of employees and to ensure company systems are able to support a critical mass of staff working remotely at a moment’s notice.

Before the postponement of the 2020 Tokyo Olympics, more than 1,000 companies in Japan were planning to introduce telecommuting for their staff during the event. It was hoped that remote working would help ease the pressure on the already overcrowded public transport. While the companies had been through a series of dry runs to see if the city systems, and the businesses themselves, could cope with the new workloads, the move would have tested the network’s ability to withstand cyber-attacks at scale. The plan mirrored a strategy adopted by many organisations during the London 2012 Olympics where 80% of companies employed some form of telecommuting in order to beat the additional traffic and congestion in the city.

All this additional demand for remote working will place strains on the existing office and telecoms infrastructure. For the office environment, having hundreds, if not thousands of additional home workers will test a company’s server capability and its VPN bandwidth, and driving IT professionals’ time and attention away from looking out for potential cybersecurity threats. Do organisations have the internal capacity to match the organic – as well as issues-driven – home working demands for the next five to ten years?

For those workers in cafes and co-working spaces, the question they need to ask is ‘how secure is the Wi-Fi connection that I’m working from?’. They are now reliant on a third-party service and who knows who is sitting on the next table or the opposite booth to snoop on their emails, giving malicious actors the proverbial keys to the enterprise kingdom?

Bringing in identity

We can be pretty sure that the future lies with more and more flexible working to support the evolving needs of businesses and employees alike. This is where identity will start playing a bigger and bigger role. Being used to free IT directors from the burden of routine tasks such as access approvals and data compliance and instead allowing them to focus on higher-value security and business threats.

Imagine being part of an organisation that has thousands of employees around the world, with close to half working away from the office across the globe, and close to 90 per cent in certain regions or countries. Is your network ready? And can you satisfy all access requests coming in at once? All the while ensuring that everyone logging on remotely is actually an employee and not a cybercriminal?

This is just one example of change and increased complexity in modern businesses and IT systems that would either slow workers down or lead to significant security compromises. In this ever-changing world, it is important to maintain a robust security approach to all employees – whether they work from the office or from Antarctica.

Taking a smart approach to identity now can make businesses confident of their ability to deliver both speed and flexibility when it comes to changes to working practices. After all, hackers won’t relent during this time of transition – but identity won’t either. Having the right tools for the job means that while we all pursue business as usual, identity is working tirelessly in the background and in real-time to spot unusual access, possible cyber risks and suspicious activity. As we adapt to the new reality of remote working on a longer-term basis, identity is already filling the cybersecurity void.

Ben Bulpett is EMEA Director at SailPoint