As the world recovers from the current COVID-19 pandemic, it is interesting to consider which short-term effects may carry over (Phil Smith III wrote previously about the long term effects of Covid-19 and why encryption will be needed more than ever). Persistent change after pandemics dates back at least to the Black Death in the 1300s, which greatly increased both power and mobility among peasants in Europe and Western Europe.
One area likely to be affected is how we collaborate. A few years ago, it was generally held that employees had to be in the office to communicate and work together: remote working was considered a novelty and less productive. Now that assembling in an office is no longer possible, companies are forced to allow staff to work from home.
For many jobs, remote work has proven not to be as disruptive as feared. There are still challenges, such as getting the right equipment to employees. Another problem is security, which is somewhat easier to scope for a centralized workforce. One common problem: while most enterprises have VPNs for remote workers, many have found that they do not have enough capacity for everyone to use.
A key concern is protection of both intellectual property assets and customer data, which are now spread around, outside corporate control. For example, Data Loss and Prevention tools can effectively reduce risk when people are located in an office, but generally become blockers to collaboration in distributed work environments. Too many companies still put such security Band-Aids around systems, rather than moving towards an approach that protects those assets from new, evolving attack vectors: that approach is data-centric security.
Voltage Security has always taken the data-centric approach, enabling hundreds of companies, large and small, to protect their data by encrypting or tokenizing it in a way that allows business to operate without exposing the live data to attack.
Data-centric security becomes even more important with remote workforces. Instead of continuing with a patchwork of security solutions, data-centric focuses on the data itself: spreadsheets, PowerPoint presentations, Word documents, et al., which are now stored on user machines at home. An attacker who infiltrates the home network through another device can gain access to the worker’s laptop, and suddenly all those files are at risk.
Data-centric moves protection to the files themselves, including security policies that travel with the data to control access. This ensures that only people with the right privileges can work on the files directly. But when people collaborate, files are sent back and forth, and need the same protection. Voltage SmartCipher can provide this needed security, providing robust, policy-based encryption that travels with the data, including control over creation of derivative work through copying and pasting.
Of course, before you can protect the data, you have to know that it is there. Data discovery tools like Micro Focus File Analysis Suite can find those sensitive documents so we can protect them. When data must be shared with trusted outsiders, Voltage SecureMail enables easy-to-use email encryption without requiring a special client.
And all of these tools provide usage information about how data is being used, copied, and transmitted to others, inside and outside the company, giving the security team the needed insight as to what is happening.
Nobody expects that everyone will return to the pre-COVID working environment; let’s make sure that we have the proper security mechanisms in place to protect our companies in a future that will likely include increased remote workforce collaboration!
***Special Offer*** Micro Focus would like to help make it easier to ensure business continuity for your remote workers and your organization during the coronavirus crisis. We are offering several packages designed to help you and your teams, including a 90-day trial of Voltage SecureMail which is mentioned in this post . Please visit our business continuity offers page to learn more.
Data security and encryption