Cloud cybersecurity in a hybrid working world

“Remote working is clearly here to stay, with cloud-based technologies playing a central role in enabling this mobile future.”

From employees of the Swiss banking giant UBS to employees at the Asda headquarters, employees from various companies are given the opportunity to combine work from home with office work. A growing body of research shows that the transition to hybrid work models will not end as the pandemic subsides, as this approach benefits both companies and employees.

The Chartered Institute of Personal and Development (CIPD) report, published last month on Embedding New Ways of Work after the Pandemic, finds that 40% of employers say they expect more than half of their workforce to be on a regular basis after the pandemic ends will work from home.

Additional data from the CIPD make it clear how much the mood in the economy has shifted towards hybrid work in the past year. While 65% of employers didn’t offer an option to work from home before the pandemic, that number will drop to 37% after the pandemic ends.

Remote work will clearly remain, with cloud-based technologies playing a central role in enabling this mobile future. Working from home, in the office or in a coworking space is becoming more and more convenient with the advent of easy-to-use cloud software. But cyber attackers also see the increasing use of cloud technologies as an opportunity.

Netskope, a security cloud provider, recently released its Cloud and Threat Report, which found that cloud activity is increasing globally and 53% of all web traffic activity is now cloud-related, as is the cyber attack threat. A worrying 61% of all malware is delivered by a cloud app, up from 48% last year, suggesting an urgent need for organizations to secure their cloud operations.

“Cyber ​​criminals are increasingly abusing the most trusted and popular cloud apps, particularly for cloud phishing and cloud malware delivery,” said Ray Canzanese, threat research director at Netskope, when the report was released. “Companies using the cloud need to quickly modernize and expand their security architectures to understand data content and context for apps, cloud services and web user activities.”

Hybrid challenge

In contrast to completely remote employees who are outside the IT infrastructure of the headquarters, employees who spend a few days in the office and the rest of the week at home or in a coffee shop pose unique IT security problems. When hybrid workers return to their office, they could bring malware with them that can infect the entire network.

Finding the balance between security considerations and ease of use is a pervasive business debate. Locking down all data, whether sensitive or not, with multiple authentication tests slows staff down and harms productivity, but at the same time neglects neglecting security considerations to give employees a completely smooth experience when work outside the office leaves the network far open to hackers.

Beyond traditional security methods, including multi-factor authentication, updating anti-virus software, and using single sign-on, which can help improve cyber defenses by increasing access requirements, companies can adopt virtual private networks (VPNs) , ensure that a secure connection is established. Employees using a VPN from home can securely access company data, while cyber criminals only see encrypted data.

The provision of cloud security solutions is one of the most effective methods of blocking access routes for hackers who want to attack a company. Dozens of cybersecurity companies offer advanced cloud security services, including McAfee, FireEye, and Netskope, many of which support real-time data visibility and analysis.

Getting a complete picture of what data is stored in the cloud, who is using it, and where it is being accessed can be critical to uncovering malicious actors. When companies have their cloud data under control, unusual user behavior can be detected and access can be blocked if suspected.

In increasingly complex IT ecosystems, the introduction of zero trust policies, which allow users to only access essential resources, limits the surface available to hackers in cloud environments. Encrypting sensitive cloud data can also help protect data if it is stolen. However, protecting a company’s IT infrastructure requires more than just technological tools.

Human injuries

The human aspect of cloud security is an important security factor for companies. According to Verizon’s 2021 Data Breach Investigations Report, 85% of violations involved the human element. While the right cloud security software can help employees understand potential threats, such as: For example, warning users about external links or suspicious emails, training is also essential.

For example, the California State Controller’s Office (SCO) was the victim of a phishing attack just months ago that stole sensitive employee information, including social security numbers, and allowed hackers to send phishing emails to more than 9,000 contacts.

Regardless of where the workforce is located, all users should receive some level of training on key cyber threats that they may encounter while working. Providing comprehensive training can support hybrid workers and enable them to take full advantage of cloud collaboration tools without worrying too much about cybercriminals accessing their data.

The transition to a hybrid world of work and managing the multiple remote connections from different devices is no easy task. Clearly defining a cybersecurity strategy that takes into account the complex realities of a cloud-based work environment can help make the transition smoother and prepare for threats before a business is confronted.

source https://collegeeducationnewsllc.com/cloud-cybersecurity-in-a-hybrid-working-world/