SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers

Video: 10 Minute IT Jams - An update from SearchInform

Fri, 23rd Sep 2022
FYI, this story is more than a year old

Remote work is here to stay. That's the assessment of Val Novasola, Global Leading Product Development Manager at SearchInform, who says that while the world has largely moved on from the emergency shift brought about by the pandemic, hybrid work is now a permanent fixture for many organisations – and it is reshaping the information security landscape.

"There are a few trends in the development of information security which simply cannot be ignored nowadays," Novasola said. Chief amongst these is the enduring prevalence of remote work. "Recently we have witnessed a global emergency shift to remote work, and many organisations still provide their employees with the opportunity to work remotely – permanently or several days a week."

This shift, Novasola explained, is backed by data observed among their clients: in 2019, just over ten percent of employees were remote, whereas in 2020, the vast majority shifted out of the office. The trend has since stabilised, with remote work remaining far more common than before the pandemic. "It is required to build protection taking this important fact into consideration," he added.

This has profound implications for cybersecurity, especially as businesses adjust existing processes to accommodate distributed workforces. One of the most significant solutions, Novasola said, has been the adoption of cloud-based protective tools. "Businesses don't have to choose between security, usability and cost," he explained. "No special hardware is required – the system collects for sales and source data in the virtual environment."

Cloud deployment, once the preserve of dedicated information security departments, is now rapidly becoming the norm for companies of all sizes. "Such deployment model will be suitable for companies that don't have their own IT infrastructure, have their offices in different cities or countries, or have many employees working remotely," Novasola explained.

SearchInform has responded by offering a risk monitor deployed in the cloud, giving customers "full functionality" including data encryption, file system access controls, management of remote software, and advanced investigation tools. These security platforms, Novasola noted, allow companies not only to prevent data leaks but also to adapt rapidly to the evolving threat landscape.

Software development itself is also transforming to keep up with changing business demands. According to Novasola, one major shift is the growing demand for open APIs, allowing organisations to tailor security tools to their unique processes and systems. "Customers want to modify products to fit their own business processes or self-written software, and companies need seamless interaction of all their IT infrastructure components," he said.

Previously, individual programmes operated independently, each solving a separate task. "Now this is no longer enough," Novasola added. In response, SearchInform has invested heavily in integration components, allowing their systems to function interoperably and offer a broader suite of tools for clients.

Integration is not limited to companies' internal processes. Partnerships between vendors are opening "new opportunities for clients," Novasola said. "Every year we integrate with new companies such as Huawei, Azure, Google Drive, OneDrive and WebEx." A recent example is an integrated solution with Huawei storage systems, which now provide clients with the ability to categorise data by content, monitor operations with sensitive files, manage access, and archive critical copies.

For organisations lacking their own risk mitigation departments or resources, Novasola suggests "security as a service" is an increasingly viable model. "With the active transition to remote work, small and medium enterprises have realised they simply could not cope on their own – lacking money, experts, or time," he said. In 2019, SearchInform introduced an outsourcing service designed for just such companies, providing not only software but also an experienced team: "They didn't need to hire and train."

This approach was stress-tested during the pandemic, when SearchInform offered outsourced support to 50 companies free of charge for several months. "Clients felt the benefits firsthand," Novasola said. While reports did identify challenges such as declining team discipline and occasional rule-breaking, the overall convenience and time-saving provided to clients' security experts were clear.

Novasola is a firm advocate for seamless integration across security systems, describing how the company's products span multiple levels of protection, from IT infrastructure to file systems and data channels connected to human risk. "The systems are integrated seamlessly, operate on a single technological basis and can be deployed within a few hours," he said. Adding additional modules significantly increases the functionality of the whole complex, which is especially valuable for hybrid work scenarios.

Alongside product development and integration, Novasola sees education as a cornerstone of effective information security. "There are two constant tracks of development: training of employees in the sphere of information security to increase their literacy, and sharing experience in the professional communities," he explained. He compared information security awareness to knowing basic road traffic laws – essential knowledge, even for those not directly involved.

SearchInform runs full-scale training courses tailored to different industries and regularly organises conferences – the SearchInform Roadshow – dedicated to risk management and information security. "We share our experience, ideas on development and promotion of products, and examine trends and real-life cases of our clients," Novasola said. When expanding into new markets, SearchInform goes beyond press conferences – immediately involving local communities through these roadshows and providing new clients with training centres.

Ultimately, Novasola views information security and risk management as an integral part of daily life, not just a technical or business concern. "Everyone should strengthen their competence in the sphere," he said. "You see that information security and risk management have become trends in everyday life."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X