Securing cloud access for remote workers
By Kevin Prone, Head of Service Development at Nowcomm
In a series of blogs we have been exploring the cybersecurity issues businesses face in an era of increased home working and how they can best tackle them. In this blog we look at how businesses can secure access to the cloud based systems remote workers may be using.
Our previous blog explored how the Coronavirus crisis is changing the way that we work as a society at a rapid rate. More and more employees are working from home and as a result cybersecurity for remote workers has become a pressing issue. This blog will look at a quick win that is available to executives and management teams: ensuring that your remote workers have secure access to cloud-based applications the organisation is using.
Cloud applications are an essential tool for remote workers, so that they can share files and collaborate with co-workers. By their very nature, however, the remote access that they provide can lead to sensitive data being compromised. The Coronavirus lockdown has forced many employees – and organisations – to adopt additional cloud technologies without really thinking about the security implications. And employees themselves work based on the tasks they need to complete, rather than beginning with thinking about data security,
As such, the foundational task for organisations which have switched to cloud-based technologies is to require employees to protect their accounts with more than just a username and password, but with two-factor or multi-factor authentication. Passwords, of course, should not be the same as those used for personal accounts – or be among the most hackable passwords, such as ‘123456’ or passwords made of a string of the same letter or number. A further protective measure, is to deploy a service that proactively monitors when corporate credentials (such as usernames and passwords) may have been comprised and are listed, traded or released in “dark web” locations of the internet that can be used by cyber criminals to target an attack or to probe these individuals or the wider organisation itself.
Eliminate global sign-ins
Organisations should create policies that do not allow employees to use global sign-in options for applications. Many cloud services offer the ability to create and allow access by connecting with your personal social media accounts, your search engine email account, your sales CRM login or even your corporate email username and password. It is essential that workers only ever share login details across platforms when explicitly directed by their IT department. Multiple connected accounts equal multiple exposures should the main username and password be compromised.
Every corporate IT stack is unique but there are user-centric two-factor and multi-factor authentication platforms available which can work across them all and offer the organisation centralised management and complete control. Regardless of whether your cloud is built on the likes of Microsoft Azure, Amazon Web Services, Google Cloud, selecting an independent multifactor access solution to all clouds provides a solid underpinning of your cloud architecture, and typically an independent solution will work with or without a Virtual Private Network (VPN). This means an organisation can protect legacy on premise system access too, increasing user satisfaction, lowering complexity and minimising overhead on your IT team.
A layered approach
Such solutions can also prevent logins and access from certain countries and even make sure that the devices employees use to access the cloud from are individually authorised, giving additional layers of peace of mind to network managers and employees alike.
Indeed, a layered approach is crucial to building up robust security for remote working, with different layers of technology all ‘talking’ to each other and sharing key security information for a more complete picture. This brings us on to the need to protect the remote worker’s gateway to an organisation’s network and ensure this is delivered universally, which we will explore in our next blog.