The Cloud Security Risk of Remote Workers, and How to Stop it
Telecommuting has been on the rise for over a decade. According to research from Global Workplace Analytics and FlexJobs, the number of people working remotely in the U.S. increased by 159% between 2005 and 2017, and then increased again by 22% between 2017 and 2018.
A flexible workplace offers multiple benefits — but cloud security is a weak link that can put your business at risk. According to the 2019 Netwrix Cloud Data Security Report, 38% of organizations that employ remote workers suffered cloud data security breaches, which was double the rate reported by more traditional organizations with on-site employees only.
Why do Remote Workers Pose a Cyber Threat?
Remote workers are not limited to freelancers and contractors. Today, some employees work from home or other locations every day, or log into the corporate network occasionally when they need to, such as during a business trip or on a sick day.
It’s also common for remote workers to log into your corporate network from their own devices, which are more likely to have security vulnerabilities. For example, you have little or no ability to ensure that those devices are free from malicious software and that they are properly patched. In addition, you are less able to respond promptly if a remote user makes a mistake that leads to unauthorized data access or even data compromise.
Such mistakes are too costly to ignore: The 2019 Ponemon Cost of Data Breach study found that 24% of all data breaches are due to human error, with the total cost of a data breach being $133 per record. Costs include both direct financial impacts (e.g., compliance fines and litigation) and indirect costs caused by damage to your reputation (e.g., loss of customer loyalty and brand value).
How Can You Mitigate These Threats?
Managing remote workers properly is impossible without deep insight into what they are doing – specifically when operating in your cloud environment. To overcome the risk you need to have deep visibility into both user activities and your data:
Visibility into user activities
Visibility into who does what, where and when, enables you to quickly detect suspicious behavior and respond before you suffer a data breach. Moreover, it enables you investigate incidents thoroughly to ensure they won’t happen again and demonstrate proof of regulatory compliance to auditors. Many organizations still lack sufficient visibility into user activity: 59% of Netwrix survey respondents that employ remote workers were not able to identify the threat actors behind security incidents in the cloud.
With a software solution that provides continuous monitoring of user activities and real-time alerts, you can spot threats promptly, conduct detailed investigations, and pass compliance audits.
Visibility into data
The cloud makes sharing data easier than ever. Having insight into exactly what data you have, where it is located, which of it is most sensitive and who has access to it helps you prioritize your security efforts on the most critical or sensitive information, such as personally identifiable information (PII) of customers and employees. If you don’t know where your sensitive data resides, you cannot protect it as required by security best practices and regulatory mandates.
A data discovery and classification solution can help you locate your sensitive data so you can apply proper controls around it. Those who classify all their data are five times less likely to experience a data breach than those who don’t do it. Plus, data discovery and classification will also help you identify redundant, obsolete and trivial files (ROT), and cleaning it up will reduce data management and storage costs and boost productivity by enabling users to find the information they need more easily.
How Can Visibility Boost Your Business?
Having visibility into your cloud environment offers huge long-term benefits to your business as well. First, being able to store the personal data of your customers securely and respond promptly to requests to be forgotten will help you demonstrate your dedication to data privacy. The resulting customer loyalty is a definite competitive advantage.
Visibility into data and user activities around it also enables you to spend less time and resources on compliance — and avoid huge fines. Just think about it: as of February 2019, fines for GDPR violations already totaled $60 million, and that’s not including the fines imposed on Marriott International Inc. ($124 million) and British Airways ($230 million) in July 2019. With the introduction of additional privacy regulations worldwide (such as the CCPA in the U.S.), tools for monitoring user activity and classifying data will become even more indispensable.
Have you read?
# Best CEOs In The World 2019: Most Influential Chief Executives.
# World’s Best Countries To Invest In Or Do Business For 2019.
# Countries With The Best Quality of Life, 2019.
# Most Startup Friendly Countries In The World.
Add CEOWORLD magazine to your Google News feed.
Follow CEOWORLD magazine headlines on: Google News, LinkedIn, Twitter, and Facebook.
Thank you for supporting our journalism. Subscribe here.
For media queries, please contact: firstname.lastname@example.org