sb-as logo
Story image

Three ways to protect your business in the cloud

24 Apr 2020

Article by LogMeIn Japan & APAC VP, Lindsay Brown.

As governments around the world issued directives that individuals need to stay home and isolate amid the current COVID-19 pandemic, organisations scrambled to set up the infrastructures to protect the business and its employees. Now that organisations have made headway in their remote working practices, with some even considering its permanency, they are now presented with a new challenge – protecting the business in the cloud. 

The cloud is still unfamiliar territory for many. Most employees working from home find themselves using a multitude of devices, applications and networks, increasing the complexity of managing – and protecting – user access within businesses. While employees just want to work efficiently, IT needs to ensure the proper controls are in place to protect the company.

For IT leaders and businesses managers needing to effectively manage their remote workforce, here are the three ways to protect your business in the cloud:  

1.    Make access control a priority 

A modern BYO-anything workforce means more access points, hidden apps and hurdles to secure across the organisation. Even as cyberthreats rise, employees expect technology to be fast, convenient and easy to use. Businesses must prioritise an access solution that secures the organisation while helping employees stay productive wherever they are.
 
Knowing the apps used within your organisation and understanding user access behaviour is important to spot issues before they become a bigger problem. However, having complete control over user access can sometimes be difficult and hidden from view thanks to Shadow IT – those undocumented apps that employees bring into the business. If you can vet and track these on work devices, you can prevent potential fraudulent or malicious software being installed. 

Additionally, the assignment of specific permissions and privileges for employees based on their particular role protects sensitive information and ensures a need-to-know protocol is enforced. Using a single sign on (SSO) access solution such as LastPass will ensure employees are not maintaining multiple passwords, and securely connects them to the work applications in which they are assigned, without the need to type a password.

2.    Establish strong access policies

An effective strategy in maintaining security is to encourage good password hygiene practices within your business. This is particularly important with a remote workforce, when every employee logging in is outside of the traditional corporate perimeter. According to FireEye’s latest M-Trends report, median dwell time for non-ransomware breaches in APAC is 94 days. So, when staff are empowered with best practice knowledge, they too can take steps in mitigating potential risks. 

Some ways to do this include preventing password reuse through generating and storing of unique, random and strong passwords and automating password storage by capturing and storing passwords for new services, whether they’re managed by IT or not.  Additionally, using multifactor authentication wherever possible with services like LastPass MFA is critical to protecting the business, and if there is need to share a password, use an encrypted format to discourage insecure methods like text, email or written notes. 

3.    Get employees on and off systems fast

Organisations need to give employees convenient, secure access to the tools they need to do their jobs, with the appropriate level of permissions - so when they onboard or offboard with the organisation, there is complete visibility of their whole working journey. 

Using one centralised admin dashboard will provide a unified view of employee access across the organisation. Similarly, integrating with your existing user directory to automatically provision new employees, with the right privileges to the right resources will help jump start their productivity. Lastly, have a kill switch to immediately and completely turn off access privileges when an employee leaves.

Through these key methods, managing the security of your remote workforce should prove less daunting and help to ensure greater preparedness for the future of work. 

Story image
Interview: ThreatQuotient champions threat intelligence through virtual 'situation rooms'
To understand what it involves and some of the collaboration challenges that come with distributing threat intelligence amongst specialised security teams, we spoke to ThreatQuotient APJC regional director Anthony Stitt.More
Story image
VPN vulnerabilities pose serious risk to OT Networks
The vulnerabilities affect three industrial VPN servers and clients.More
Story image
Juniper named a Champion in Canalys Leadership Matrix
Champions receive generally positive partner feedback, have a large share of shipments, maintain growth and show improvement in channel management.More
Link image
Are modern authentication solutions killing passwords?
Multifactor authentication is innovating the login process and making it more secure. Passwords may be the first to go - but there are still some factors keeping them alive.More
Story image
Why greater network visibility is needed to reduce the threat posed by IoT in the enterprise
At home and abroad, organisations have joined the rush to embrace Internet of Things (IoT) technology, but a new survey shows they’re only just beginning to wake up to the enormous risk those devices pose, writes ExtraHop A/NZ Regional Sales Manager Glen Maloney.More
Download image
Hardware Security Modules - and why they need to be virtualised
Unbound's vHSM provides advanced key management functionality, as well as easy and secure remote administration support - meaning there is no need for users to compromise on security any longer.More