It has been a full year with the COVID-19 pandemic running on the entire world and everyone’s life has been affected. But how has it impacted cybersecurity?
We asked David Chasteen, a partner here at SideChannel, to share his perspective on how cybersecurity has been affected by COVID-19.
“A year into the COVID-19 pandemic, we’ve seen a clear distinction between traditional companies and companies that have successfully migrated to the cloud. In legacy industries, there has been hesitation to move to the cloud due to perceived cost and security issues. However, companies that successfully completed this migration, have found themselves in a much better situation than their peers who are struggling to support a workforce from home, at scale, for the first time, during a global pandemic.
For most of the workforce, the majority of the things being done in a properly-deployed cloud are arguably better secured than on-premises or via VPN. Although some organizations prefer the idea of control and visibility of running all corporate traffic through a VPN, if they have successfully migrated to the cloud then it is optional in many cases.
There was a common belief in the past that working in the office was inherently safer than one’s home when it comes to cybersecurity protection. In practice, we’re finding, there is nothing inherently more secure about the office.
The key thing to keep in mind here is that teams will access resources via the most convenient route. If remote access is enabled, it will be done on a massive scale. If you have G-Suite or O365 or Salesforce enabled so that folks can do work on their mobile devices or after hours, you already have a de facto work from home scenario, even if you hadn’t thought of yourself as a work-from-home organization. In most cases, there isn’t much in the way of net new risk.
Employees having the ability to check emails after hours are no more or less secure now than they were then. You are no more secure than your least secure access point. The whole protected inside and dangerous outside was pretty antiquated before the pandemic, but this is the nail in the coffin. If you’re using the mobile access technologies that you’re paying for to get that additional productivity from your workforce, you should already be thinking from a zero-trust mindset.”
If you want to know more on this topic, this is an article we’ve reviewed from Security Magazine.