Tactics for addressing cybersecurity risks from hybrid work
Image: © AFP
Hybrid work has accelerated following the coronavirus pandemic and most firms needs to offer some form of hybrid working in order to retain or attract employees. Yet hybrid working brings with it cybersecurity risks. How can companies mitigate the cyber threats of hybrid work with adequate security controls and practices?
Martynas Paskauskas, the head of development at NordLayer tells Digital Journal, there are some best practices that make hybrid work environments more secure. These approaches are outlined below.
VPN-enabled secure network
Hybrid work involves abandoning a designated company network and using resources on home- and public-based networks, vulnerable to serious security risks. Each employee can connect to a secure, private network using a company VPN.
Use network access with zero-trust
A hybrid approach refers to a mobile workforce and the need to protect users, equipment, software, and data wherever possible. In this situation, insider threats remain a substantial risk. Whether employees are in the office or working from home, having a zero-trust mentality is beneficial. The mindset of “trust none, verify all” is based on the zero-trust paradigm and is applied through identity authentication to access work equipment and resources, network segmentation, and access control management.
Implement multilayered cloud solutions
Physical infrastructure is constrained by high-cost equipment and on-site maintenance. Switching to multilayered cloud settings, which provides an agile, simple-to-install, and updated configuration, may be the best option for effectiveness and sustainability. It is harder for potential attackers to get beyond a company’s defenses if there are multiple layers of protection since there are more points of failure. Modern cybersecurity secure access service edge (SASE) design levels everything to a virtual level, making it easier to manage and scale demand.
Automate monitoring
Hybrid workplaces generate many requests, endpoints, and problems that eventually become challenging to manage and demand more time and labor from IT administrators. Automation is crucial in streamlining monitoring operations and spotting anomalies in real time because increased pressure increases the potential for human mistakes.
Train the workforce
The cybersecurity efforts of businesses are incomplete without employee training. Since employees might not be aware of hidden security risks while working at home, every organization must train employees and spread awareness of the importance of applying security measures and personal responsibility.
Gloss