Smart working and Cybersecurity

Index

Smart working - The risks
Cybersecurity solution
The cybersecurity culture

"A way of working that detachs professional performance from the traditional constraints of space, time and tools dedicated to the performance of activities. Different from the so-called teleworking, it is based on principles of flexibility and personal responsibility, implying a review of the organisational culture".

These are the words used by the Smart Working Observatory of the Polytechnic of Milan to define the so-called remote work. A solution that has become widespread with the advent of the pandemic emergency dated March 2020 and which, it should be emphasised, is based on three key concepts: flexibility, personal responsibility and review of the organisational culture. These ingredients, identified by the Observatory in the linguistic definition phase, are not limited to offering an adequate synthesis of smart principles, but are also fundamental in the analysis process related to the smart working - cyber security relationship. Because a debate concerning remote work cannot be dispensed with a necessary reflection in terms of computer security.

Smart working - The risks

The rapid manifestation of the health crisis has in fact highlighted a particularly urgent problem that is not easy to solve. The "digital" conversion that many companies, unprepared for change, have been forced to accelerate to cope with the emergency and guarantee adequate remote solutions for their employees, has, in fact, outlined a employment panorama within which many workers have found themselves disoriented, at least in relation to cybersecurity problems.

There are, in fact, many people who, uprooted from their offices, began to work in smart working without being fully aware of the risks involved and, therefore, of the correct behaviour to be held. It is not surprising, in this sense, that the number of phishing attacks and, more generally, cyber-scams, has increased significantly over the last two years.

Problems that have arisen, in most cases, due to the use of personal devices connected to business systems by external networks; devices that are not adequately monitored and therefore more easily vulnerable.

Cybersecurity solution

What solutions to adopt then to try to make smart working more efficient also in terms of cyber security?

Password: first of all, however trivial, it is absolutely essential that each worker knows the principles of proper password management. Both during the creation phase and during the preservation and periodic replacement phase of the same, this element can be decisive in order to better protect your work and your company.
Cloud and backup: every company should take care to provide as precise information as possible so that the management of data in the Cloud is accompanied by regular data backup operations, necessary to increase the security of its files.
VPN: as we have already emphasised, remote connections are most often to be considered responsible for the computer vulnerability of a company. Reason why today it has become common use to use the so-called protected VPN connections; possibly made available by the company itself.
Provider: the exploitation of a provider for the management of services and the consequent creation of a digital workspace called a smart working Platform, protected from external attacks, is one of the solutions considered by many companies.
Zero trust: another particularly popular approach at the moment is the "zero trust" application model, based on the idea that within the boundaries of the IT perimeter there is nothing considered 100% secure. Reason that underlies a systematic reduction in the scope of action of the devices and a more frequent user authentication request. So as to minimise the risks of hacker attack.

The cybersecurity culture

The zero trust model, the use of VPN and providers, proper password management and frequent backups are, we repeat, very useful tools to ensure a successful combination of smart work and cybersecurity. However, the best solution that can be adopted, especially in the long term, is a specific training of workers in the field of computer security.

Only prepared employees who are aware of the risks that every remote connection opportunity entails can promote a continuous growth of smart working; and only a combined growth of smart work and computer security can favour the mission that NotOnlyDesk dreams of realising for the present and for the future.