sb-as logo
Story image

How CSOs can ensure security and productivity remain resilient during challenging times

21 Apr 2020

Article by Fortinet security solutions director Corne Mare.

As increasing numbers of workers set up office spaces in their own homes, organisations face new and unprecedented challenges when it comes to maintaining operational continuity. Businesses need to remain agile and adaptable in times of rapid transformation. Ensuring that security and productivity remain resilient, regardless of the circumstances, is paramount to business success.

When there are extenuating circumstances, the risk of exposing a company to vulnerabilities increases significantly. For chief security officers (CSOs), this means significant business changes, such as transitioning the workforce to work from home instead of in a central location, can provide opportunities to assess the impacts on security processes.

The CSO role has and always will involve managing risk, no matter what challenges a company is facing. Especially in such an unprecedented situation, like the current COVID-19 crisis unfolding globally, it is critical that CSOs understand the resources they have and, crucially, are keenly aware of the abilities and limitations they can offer.

For many, this means understanding both the technical capabilities of an organisation’s resources and the access that employees require across different job functions. Knowing how these different elements work, and how they work together, can help to mitigate risk and keep organisations running smoothly as they face new challenges.

Many companies will already have contingencies in place for potential obstacles that may impact business-as-usual operations. However, it is critical to review these regularly to ensure that, when the time comes, a company’s leadership can assess the situation and provide guidance calmly, and to maintain composure during a crisis.

Having strategies in place is essential, and it’s critical to frequently reassess and update them to identify and fill any gaps. Additionally, organisations should identify any dependencies and mark them for action and follow up.

There are three key areas to consider when it comes to preserving security and productivity in times of crisis:

1. Providing secure and reliable network access for users: Moving a predominantly office-based workforce to a new online environment will offer new challenges to any organisation. It is essential that all workers can access the devices and resources they need to continue working effectively under new circumstances. This means identifying who does and doesn’t need access to what systems and repositories, limiting access to unnecessary resources, and assigning access to specific resources where needed.

2. Supporting user access requirements: Understanding the different job functions of employees will help in the transition to a new workforce model. Based on this understanding, CSOs can determine how to support user access requirements. For example, if most of the workforce only requires Software-as-a-Service (SaaS) applications like Microsoft Office for their day-to-day work, they won’t require the same user privileges as IT personnel or executive managers who need access to finance platforms and other mission-critical systems.

3. Using existing resources to the full extent of their abilities: It’s important to build a clear picture of what resources are available and where the gaps are. This can help inform decision-making around investing in additional services or technologies.

Organisations rely on careful planning and experienced leaders when it comes to risk management. CSOs must be able to identify the challenges they face in times of crisis and have a strategy in place to mitigate disaster. Having a clear understanding of business objectives will help to maintain operational efficiency while also prioritising security and productivity, in spite of the challenges the business and its employees face.