Intelligent CISO Issue 32 | Page 38

Moving forward , organisations will have to stop differentiating between access within the corporate office and remote access .
FEATURE

Moving forward , organisations will have to stop differentiating between access within the corporate office and remote access .

Other businesses simply didn ’ t have enough laptops to provide to their workforce . Others might have had them , but the logistics of getting them to their employees was unfeasible . To handle the shortage of devices , some businesses started separating workforces into two teams and alternating between working remotely and in the office .
These were scrappy times for enabling remote working , and with pressure mounting to ensure productivity and profitability , businesses became ever more desperate to keep their workforces connected .
April and May – The bypassing phase
By this point , connectivity was the key resource every business needed to ensure its continuity . There was mounting pressure and a complete reliance on the IT team to facilitate this connectivity . For those without the infrastructure to enable it in short order , sacrifices had to be made to achieve it . More often than not , this meant bypassing security controls .
For those with hardware shortages , they empowered employees to take their entire desktop workstations home and connect them to their home networks . Alternatively , IT teams spun up low cost remote desktop solutions , enabling workers to use their personal computers , or home tablet , to remotely access the corporate network . Security policy would never have allowed this under normal circumstances .
June – The hero IT team and stability
By June , through the hard work and resourcefulness of IT teams around the world , businesses managed to take a breath . By this point of the pandemic , the solutions that had been put in place in April and May were up and running and business productivity was stabilising .
For the IT team , this signalled a more profound shift . For once , IT had become a critical business function , with a bigger seat at the table . The IT teams were rightly celebrated for their achievements .
This stability , however , was temporary and limited to access and connectivity . Security had been bypassed and the end of summer would begin to reveal those vulnerabilities .
August to November – The cracks begin to show
In mid-October , the US National Security Agency released a list of the top 25 security vulnerabilities that Chinese hackers are actively exploiting to steal intellectual property , economic , political and military information . It ’ s
38 www . intelligentciso . com