Ed Baker, EMEA Partner Lead, McAfee discuses how businesses can manage secure systems and data and the importance of balancing secure access and remote working flexibility.
It’s no surprise that working from home is still the ongoing reality for many, as companies across the globe continue to keep offices shut due to lockdowns and require their staff to work remotely.
When it comes to security measures, it’s a good idea for business leaders to define their approved services and make recommendations to users, so they are aware of remote working best practice. For instance, some may choose to prioritise services that encrypt all data in transit to ensure it is not intercepted – yet no matter the level of security offered by the service, anyone can record the screens and audio outside the app. As a result, companies must ensure staff are aware of the new security risks that come with working from home.
How can businesses manage secure systems and data while employees work from home via the cloud?
In 2020, we saw the threat landscape change dramatically as criminals pivoted quickly to take advantage of the shift to more digital, cloud-based interactions. As a result of this shift to cloud, IT security professionals have experienced a more significant number and range of endpoints accessing the network while facing increasingly complex cyberthreats – across both devices and cloud platforms.
As more and more businesses leverage cloud-based devices to optimise this collaboration, cloud security will continue to play a vital role within companies. With cloud platforms being accessed from numerous remote locations, businesses should aim to reduce their attack surface by ensuring secure cloud access. This is where resellers have a part to play, as they must be ready to offer guidance and support as the need for optimised cloud security increases.
However, securing data in the cloud is a shared responsibility that doesn’t fall solely on one party. To maintain optimal cloud security across the industry, all stakeholders, from cloud service providers to channel partners and end-users, have a role to play in this layered defence.
What trends have you seen emerging across the channel?
With the shift to digital over the past year, we’ve seen new trends emerge across the channel and partners are now using new tactics to stand out above the virtual noise – including leveraging gamification. For example, we’ve seen partners advertising that a top comedian will give a personal show at the end of a virtual event to attract attendees. Or partners using gamification to engage remote employees, such as through virtual competitions on platforms like Kahoot!.
We’ve also seen channel partners turn to flexible infrastructure to support the newly remote workforce. At the beginning of the year, many customers and partners didn’t have enough IT capacity to cope with the surge in demand for virtual connectivity and boosted their capacity through the cloud and SAAS applications. If a customer isn’t able to upgrade their on-premise servers, storage and application, channel partners are helping to provide them through cloud instead.
As well as these new trends, channel partners are supporting businesses as they establish baseline protocols to create and maintain a secure working environment. This includes providing risk intelligence solutions which can prioritise threats, predict which malware campaigns will be launched against them, and pre-emptively improve their defensive countermeasures. Using steps like this to stay one step ahead of adversaries is key to better managing cyber risk – which will ultimately help businesses to succeed today.
How have channel partners adapted during the past year?
COVID-19 radically changed and accelerated the growth equation for the channel. With more home working, increased cloud use and a heightened threat landscape across sectors, partners had to pivot quickly to make the most of new opportunities to sell collaboration tools and cloud transformation solutions, all with optimised security.
Channel partners are now also increasingly offering managed services – such as intelligent endpoint detection and response (EDR) – to relieve the strain on stretched security teams. Today, IT leaders are looking for support through automated analysis and strategic incident response, so that remote teams can detect and respond to threats from device to cloud quickly while effectively managing cost. In this respect, resellers have adapted to help security teams do more and act faster with the resources they have at their disposal.
To ensure that they have the right tools and plans in place to both prevent and respond to a cyber-incident, we have seen channel partners offering prescriptive actionable security intelligence solutions. These solutions streamline risk and threat operations to help organisations get ahead of their adversaries. With guidance and support from channel partners, IT teams can use these tools to stay one step ahead of cyber threats and prioritise, predict and prescribe the best cybersecurity solutions to protect their organisation.
The impact of the pandemic isn’t going away any time soon, and so channel partners are having to continually adapt to stay relevant in today’s evolving industry landscape. Examples of ways to adapt include switching from traditional marketing to social and virtual marketing, consulting on the customer’s cloud journey, embracing ‘as-a-service’ models like SAAS and MSP, focusing on security as an enabler of cloud transformation, learning how to be an ‘inside’ sales force, and focusing on keeping their people safe and motivated. By working closely with trusted partners to adjust to new opportunities, channel organisations can make the most of new growth opportunities and navigate their way through this turbulent time successfully.
What tools and processes are available to help businesses balance secure digital access with flexible remote working?
Businesses and employees can balance secure digital access with flexible remote working, and protect both personal and corporate data against newly emerging threats, with a few simple steps.
Firstly, using a VPN to establish secure connections when working remotely is vital, as an unsecured Wi-Fi connection creates an easy gateway for hackers to access personal information and data. Additionally, advising employees to steer clear of suspicious email attachments and links is also crucial, as targeted phishing emails are often used to access personal data.
It’s also important for businesses to have a flexible architecture that can adapt to changes in working patterns, without the need for bolt-on security. To ensure this, they should be asking questions – are all devices secure and able to connect safely and scalably to the Internet? Is data being managed securely? What collaboration or other cloud services and infrastructure are being used? Businesses can then integrate each of these elements into a common platform to better manage threat prevention and defence, as well as data loss prevention (DLP), as employees work from home.
Finally, password security is key. Work applications should all be secured with complex passwords, and businesses should be sure to implement two-factor authentication on all work-related services and devices. Ultimately, getting access to something supposedly confidential isn’t always that hard for hackers nowadays. By requiring a second form of identification to log in, hackers are limited in what they can pull off, and both company servers, devices and data will be better protected when working remotely.
Read the latest edition of PCR’s monthly magazine below: