Since March 2020, more than 30% of French employees now work remotely.
In the context of containment related to the coronavirus pandemic, telework has been imposed in some way on all actors in the professional world. Today, it has become a totally normal practice, because of the necessity that imposes the situation. As a result, some tools have seen their use become more important in such a way as to make them virtually unavoidable today in the professional sector.
This article will also interest you: Do you have a good command of access to sensitive data in your company?
"Since 16 March, 40% of French people have teleworked as part of the Covid-19 containment. But this gradual introduction of a "new normal" for teleworkers is not without risks. While tools such as the cloud, zoom or instant messaging are over-solicited, the rise of cyberattacks shows that implementing a mobility-specific IT security policy is more essential than ever. explains Jacques-Bruno Delaroche, Pre-sales engineer at Exclusive Networks.
When we talk about telecommuting and computer security, we tend to make two different approaches, but that are very important.
The first approach is to ask whether telecommuting is a real threat to computer security. The question is legitimate in that since the announcement of containment and the deployment of large-scale telework, security-related computer incidents have literally doubled. Experts say they were 11 times above average. However, don't go too fast, as the engineer from Exclusive Networks means. In truth, the threat is not telework itself. The problem is the organization of telework. It was rushed to meet the urgent need for adaptation. "The lack of preparation for telework, on the other hand, can pose a risk to the company. Indeed, the widespread rise of telework is accompanied by a renewed interest of hackers for old methodologies that had to be abandoned in the face of the protection measures taken by companies. Containment is an opportunity for them: it is easier to target an isolated user and tackle an insecure private network. Jacques-Bruno Delaroche. Clearly, telecommuting is not a threat to computer security. However, it facilitates the extension of attack vectors through bad behavior. That's what leads us to take an interest in the second. The one about risky practices during telework.
Speaking of bad practice during telework, the blame will be placed on an urgent organization. Many people now deployed in the field of telework do not have the necessary qualifications to use certain tools. With the Internet and social networks, the teleworker is in a world that pushes him to be distracted but also to do things that can undermine the overall security of an entire system. Companies "the question was not how to secure all positions quickly, but first of all to succeed in providing the necessary telework equipment to each employee. As a result, infrastructure sales increased significantly in mid-March… but not their security. observes Jacques-Bruno Delaroche.
Today, we would have to start all over the world, which at the base is built in a hurry. Companies need to put a lot more emphasis on training their employees. Then put in place a set of protocols to define access, authorizations and of course protections. A reorganization must be required in order to define exactly how remote collaboration reports work in order to make the exchanges much more transparent. "This is especially the case for companies using SAAS applications. Everyone who has invested in cloud migration has been able to put telework in place more easily. However, beware: increasing users' rights does not mean reducing security! The issue of access rights is strategic in terms of cybersecurity, in a context where perimeter security is no longer really a matter for us. Who accesses my apps? What rights do they have? These two issues are the bedrock of modern cybersecurity, and must be at the heart of the IT strategies of telecommuting companies today. concludes our expert.
While telework has forced companies to migrate urgently to remote collaboration technologies, it is now up to them to think about securing them.
Now access an unlimited number of passwords: