Due to the global pandemic situation that we are experiencing and, following the rules established by the different governments and health entities, teleworking has been imposed to comply with the recommendations for social distancing. The appearance of COVID-19 accelerated the need to remotely manage activities in companies that allowed it, many of them being forced to urgently enable access to corporate networks, in many cases not very secure.
Nowadays, the applications and resources of companies are not always within their data centers, now the environments are hybrid, with part of these applications in the cloud. On the other hand, access to these resources is also not the same as before, now in addition to PCs, smartphones or tablets are used, which, in many cases, also connect from external public networks to organizations.
Companies that have opted for digitization have been migrating part of their services to cloud enviroments and with this they have profited from this need for teleworking, since they offer their employees full mobility and availability of their resources and applications from any device or location without having to implement VPNs for all of their workers.
However, these accesses to services or cloud environments are not always as secure as they seem a priori, but rather require additional security as do on-premise services to fully guarantee their protection against cyber threats. With CASB (Cloud Access Security Broker) or Firewall Cloud solutions, companies can have full visibility, advanced threat protection, data protection and avoid information leakage in both public and private cloud environments.
One of the most commonly used attacks today, during this pandemic situation, is phishing. That is why we must pay special attention to the security of the devices that carry out the accesses, may they be PCs or mobiles; in securing mail and browsing; and, finally, in the use of multiple factor authentication tools (MFA) to prevent identity theft and credential theft.
By no means, there are many challenges and threats that organizations face in order to have secure telework conditions, but also many tools that allow them to implement the necessary security measures to avoid being committed. In addition to the technical means, it will be necessary to have a well-planned digital transformation strategy, where communication and, particularly, security awareness, will be key to achieving adoption and expected performance in the company.