Not So Remote: The Large Possibility of Data Loss When Workers Are Offsite

Lisa Baker, Editor, UK Business News October 12, 2023

Written by Mark Johnson, Senior Director of Global Alliances, Arcserve

As we all know, the COVID pandemic triggered a rapid and widespread shift to remote work that persists today—and for good reason. Remote work offers many benefits. It gives employees greater flexibility over schedule, eliminates commute, enhances health and happiness, and boosts productivity. There are also downsides, of course. For one, the rise of remote work introduced a host of cybersecurity concerns, as employees who work outside the office don’t have the security features that go with it.

Are companies responding? Many are not. For example, only 38% of financial services companies have a backup and recovery solution for remote employees, according to an eye-opening new study from Arcserve. It is a risky proposition. Financial services companies that don’t have a security solution for remote employees expose themselves to a wide range of serious threats, including data loss, regulatory noncompliance, and operational disruption.

Of course, the situation may not be as dire as that 38% number suggests since much of the data held by financial institutions probably doesn’t exist on employees’ devices. Most of it resides on secure servers, either onsite or in the cloud. Indeed, employees aren’t even allowed to save files to their desktops at many financial companies. They must log into remote virtual desktops or save data on SharePoint or OneDrive, both cloud-based. Strict controls and monitoring capabilities are in place because the main goal is to have as little data as possible on individual devices.

Where remote backup falls short

The financial sector is in pretty good shape regarding security. But if we consider remote workers outside the financial services sector, where regulations and security measures are typically less stringent, we can identify serious issues.

In many industries, individuals are allowed to save data to their devices, which poses a problem. Backing up remote workers is always a challenge because, in many cases, organisations aren’t managing the devices themselves. Instead, they focus on controlling access to company or web-based resources like Microsoft 365, NetSuite, and Salesforce.

Most companies don’t secure remote devices adequately, and even when they try, protecting those devices is inherently difficult because they’re constantly on the move. Traditional backup and recovery methods often fall short when the laptop is unavailable or offline. Not all backup and recovery software solutions automatically resume backup when the device comes online, resulting in days of data loss.

That’s why, with the rise of remote work, the goal is to store as much data as possible in the cloud or corporate servers and reduce reliance on individual devices. This way, if a laptop is lost or damaged, data remains accessible. Like transferring data to a new phone, the idea is to enable users to log in and access their data seamlessly. However, achieving this goal is challenging due to the offline nature of remote work.

Four keys to protecting remote data

In the context of remote working, here are four key lessons and security best practices that organisations can learn from and adopt.

1: Centralize your data

While some individuals may have copies of data on remote workstations, the goal should be to centralise data on corporate servers or cloud-based solutions like Office 365, Salesforce, NetSuite, or a similar platform.

2: Secure remote devices

Whether it’s a laptop, iPad, or home computer, all devices serve as a gateway to corporate systems. For instance, the laptop on my desk is the portal through which I access applications like Salesforce and Office 365. The goal is to enhance the security of these devices. The approach should include robust endpoint security, strong authentication, and regular updates to protect devices from malware, unauthorised access, and known vulnerabilities.

3: Train your users

It’s worth emphasising that many vulnerabilities arise from compromised user credentials. These credentials aren’t limited to super admins or high-level staff. Even regular user credentials can be exploited to wreak havoc, especially on platforms like Microsoft 365. Ensuring that your users are well-informed and vigilant is crucial. Ultimately, organisations should aim to foster a culture of security where every employee understands their role in maintaining cybersecurity and feels responsible for protecting sensitive data and systems.

4: Continuously update your policies and procedures

This best practice applies to security, backup, recovery, and user access policies. These must be updated regularly to keep pace with changes in your environment, such as introducing new applications. For instance, if you look at some major ransomware incidents, many were executed using outdated credentials. When employees leave a company and their credentials aren’t promptly revoked, it creates a vulnerability. Falling behind in policy updates can lead to mismatches between your policies and the data you must protect, whether for backup or security purposes.

Final takeaway

The global shift to remote work has brought both opportunities and challenges. While remote work offers enhanced flexibility and adaptability, it has opened up cybersecurity threats and increased data vulnerability. Considering these issues, there are overarching lessons and high-level security principles that all organisations should heed. These are especially important now that we live in an era where remote work is not merely a temporary response to unforeseen circumstances but an enduring and integral component of the contemporary organisation.

 

More Stories

SPG enhances cybersecurity capabilities with Saviynt.

Lisa Baker, Editor, UK Business News October 28, 2024

Vice-Chair of Cyber Security APPG calls for dedicated Cyber Security Minister

Lisa Baker, Editor, UK Business News October 16, 2024

Guide highlights the power of advanced technologies in audit, and the dangers of over-reliance on them

NTSI Publishing Team October 10, 2024

You may have missed

trees beside white house

Quick stamp duty rise is to avoid market distortion, says property expert

Lisa Baker, Editor, UK Business News November 2, 2024

In the Welsh Wind Second Release Whisky Pre-Sale a Sell Out

Lisa Baker, Editor, UK Business News November 1, 2024
gambling, casino, bingo

The History of Casinos: From Ancient Times to the Digital Era

Lisa Baker, Editor, UK Business News October 31, 2024
Headshot of Gus Williams.

The Budget – key next steps for businesses

NTSI Publishing Team October 31, 2024

Panasonic’s KAIROS Platform Delivers a Competitive Esports Advantage for University of Staffordshire

NTSI Publishing Team October 31, 2024