Security

Making Remote Working Secure and Sustainable

“Connectivity came first—but now it’s time to assess your security gaps.”

Establishing connectivity first was the decision that many organisations took in their initial response to remote working. This has left a lot of companies exposed to cybercriminals. Could your company be one of these? Research from Ivanti demonstrates that cyber-attacks targeting remote workers have risen by an astonishing 30,000% this year. These attacks include phishing, website, and malware attacks of remote users. IT teams must minimise risk with continuous management and early intervention.

Cyber security investments are now deemed a necessity. Companies who invested in secure IT infrastructures to facilitate remote working without compromising security are now benefiting from long term solutions.

Key points to consider when moving forward with a secure workplace include:

  • Uncovering and eliminating your security gaps in your remote working set up
  • Implementing your secure remote work models for the long term; these are going to be needed for an extended period or permanently.
Close your security gaps

If IT opened firewall ports to allow remote access, now is the time to assess if there are products available that allow these ports to be closed but still afford remote working.

Office internet bandwidth

If staff are using video conferencing, this is likely to consume between 2 and 4 Mbps per user. This may have worked when staff were at home, since Ofcom reports that the average UK home internet download speed is 64 Mbps. However, offices often have 100 Mbps connections or less, so if an office is half populated and they are still using video conferencing, office Internet connections can become quickly saturated. Now these changes are required as more long term strategies, change and risk management processes that might have been undermined need to be considered.

Unapproved file sharing applications

One big area of concern involves unapproved file sharing applications. Many companies started using the applications without investigating security issues due to the level of complexity and time involved to conduct a risk review. If your company expanded remote connectivity with shortcuts, you need an assessment that focusses on reviewing access, the threats your remote workers might be creating and the current controls in place.

Quick self-check

Key questions your company should be asking include:

  • What cyber-hygiene practises do we use, and which do we need to add?
  • Are we managing our operational, regulatory and compliance risks?
  • How well are we monitoring employees’ use of devices and applications (e.g., file-sharing, video-conferencing, collaborative work)?
  • Do our computers have properly configured firewalls, including installed anti-malware and intrusion prevention software? 
  • How are we communicating with employees regarding secure practices like encryption of home routers and Wi-Fi networks, prompt installation of software updates, the handling of digital and printed information and adherence to confidentiality rules? (See our ‘secure remote working employee handout’ for more details.)
Implementing secure remote work models for the long term

Companies that quickly implemented secure IT infrastructure models that offer a long-term solution have distinguished themselves from the rest. Investments in solid technical infrastructures gives you confidence that you implemented marketing leading solutions and minimised risks moving forward. Investments in the Cloud, in modernising network architectures supporting legacy requirements, and in modern applications have paid off. Implementing such processes means business are running as normal both remotely and in the workplace whilst maintain high levels of security.

No one knows how long the COVID-19 pandemic is going to last. Companies need to implement a mix of both office and remote based work for the foreseeable future. Here are some points you should consider adopting to reduce risks of remote working over the longer term:

  • Cloud technology that allows scalability of both reduction and increased users numbers e.g. Cloud-Hosted Desktop
  • Solutions that give anywhere-anytime security whilst maintaining efficient user friendly IT systems
  • End-to-End point security
  • Robust risk analysis scenario planning
  • Virtual security operations centres that enable remote work

Cranberry Cloud is one of a range of cloud-based services from Tivarri. Being one of the longest-serving providers in this market, with extensive knowledge of cloud technology, we have been heavily involved in industry wide communication protocols used for secure remote access. We provide full office collaboration with all common industry applications supported including Bloomberg professional. This has allowed us to successfully migrated thousands of applications to our cloud-hosted Desktop platforms.

Speak to one of our experts today:

[email protected] | 01225 428879

Long Walk Back to the Office - Post-Covid after Remote Working

Hybrid Working for Hedge Funds: is Cloud IT the new normal?

Investment firms such as hedge funds, asset managers, wealth management and private equity firms are facing new hybrid working arrangements. Is now the moment to consider specialist cloud-hosted IT for hybrid working, in addition to its established benefits in cybersecurity and regulatory compliance?

Making the Unthinkable Work

Unprecedented change has meant that investment firms have switched their attention to be effective whilst working remotely. With workplace restrictions easing, you are now looking at slowly letting employees back into the office. However, the new status quo means implementing and adapting to new workplace practises or risking a future without sustainable success. In most cases the return to an office will not be binary: most employees expect more flexibility, with hybrid working arrangements comprising a mix of home, remote and office working.

For those organisations with on-site systems, the switch to remote working created significant network and remote access challenges. If all your users are now coming back to the office, it might seem that you can simply back out those changes and return to normal. But is it that simple? Everything we see implies only a partial return to the office, meaning you will need to implement further changes to make a mixed population of home and office-based users work securely and effectively.

Returning to a New Office Experience

Research conducted by Morgan Stanley highlights workers in London are much more likely to continue to work remotely compared to other European capitals. 82% of people who responded wished to continue to work partially from home.

A survey conducted by LinkedIn has found that one in five (20%) said that they intend to continue working from home until they feel more comfortable in a work place environment.  Just 24% said they wished to return to normal working in the office. 76% of workers wanted to change their working practice including limiting their time in the office to a few days a week and to minimise physical contact, emphasising the growing demand for flexible working arrangements.

Hedge funds will need to consider their staff’s new expectation or risk employee resistance and other implications further down the line. It is important for investment firms to implement IT processes that are versatile and that offer long-term solutions ensuring efficiency, flexibility and security.

Moving back – What You Need to Consider

Having employees working effectively from two locations raises several questions:

  • How will you integrate the new collaboration and video conferencing apps back in the office?
  • Are you going to add additional bandwidth to accommodate the new applications and file sharing so you do not experience a slower connection? At what cost?
  • How secure are the new applications you adopted?
  • Do you have the resources to handle both office-based and home-based employees?
  • If you utilise a local server that has been adapted to allow effective remote working, how is your firewall going to work with a split workforce?
  • How much will it cost to have your firewall modified again?
  • What are your more permanent alternatives?

Is Now the Time to Consider Moving to the Cloud?

Cranberry Cloud is one of a range of cloud-based services from Tivarri. Being one of the longest-serving providers in this market, with extensive knowledge of cloud technology for regulated companies, we have been heavily involved in industry wide communication protocols used for secure remote access. We provide full office collaboration with all common industry applications supported including Bloomberg professional. This has allowed us to successfully migrated thousands of applications to our cloud-hosted Desktop platforms.

We have extensive knowledge of Microsoft licensing options, enabling us to provide you with a cost-effective solution. Tivarri also provides a disaster recovery service SystemFlip Continuous Recovery and small footprint low energy fan-less computers Cranberry Computer.

In our next article we will look at the operation issues with “Making Remote working Secure and Sustainable”

Do you have questions about how returning to work is going to affect your IT systems?

Get in touch and speak to an expert.

[email protected] | 01225 428879

cranberry-cloud-ISO27001

ISO27001 – check the small print

Regulation

ISO27001 (Information Security) recognition of the standard and security of services we offer

Security of our Client’s data is critical for any Cloud service and so we built our service based on best practice principles which are mandated in the ISO27001:2013 standard – the preferred standard for information security management.

Many companies claim ISO27001 compliance, but they will often only certify a specific service or application e.g. certify a single product when they have a portfolio of 50, but make it appear that it applies to their entire business.

Tivarri has been certified ISO27001 against the latest version of the specification (2013) for the entire business and all our operations. This gives customers confidence that all the services that we offer are fully ISO complaint. For those customers who need to undertake annual information security audits, this should make the IT component of the audit straightforward. Please don’t forget that we are always on-hand to assist with your audit questions or to speak to your auditors directly on your behalf.

It you have any IT related questions regarding regulation, Cloud services, security or best practice please do not hesitate to contact us.

cranberry-cloud-CrownCommercialServiceSupplier

Tivarri is GCLOUD-12 certified

Tivarri has been approved as a Crown Commercial Service Cloud Hosting service provider under the new GCloud-12 framework. This means the same hosted desktop service that our customers are using today, Cranberry Cloud, has been approved for UK Government use.

This benefits all our customers as the Crown Commercial Service now monitors our business performance – credit scores, financial stress scores, investigates specific queries raised about suppliers, and performs random spot checks on services to ensure we match their service requirements as required for government contracts. This gives an additional level of assurance over the services we offer and the long-term sustainability of the Tivarri business.