The shift from cubicle isolation to remote working has been a slow migration for a while now, but due to the unprecedented event that has affected the entire globe the winds have shifted, creating a “New Norm” - working from home.
With our level of sophisticated and readily available online communication the work disruption for myriad industries is minimal, other than Internet congestion. What isn’t minimal, however, is cyber criminal activity; this is more prominent than ever before. Take this recent post from Forbes for example, that states, “CyberNews claims the discovery of an unsecured database comprising 800 gigabytes of personal user information. This included more than 200 million detailed user records—putting an astonishing number of people at risk.” By the time you’ve read up to here, there have undoubtedly been many more such instances.
The biggest reason for this is the use of open source software. By now, most are aware of “Zoom Bombing”, where hackers are breaking into meetings and shouting racist slurs, putting up pornographic images or revealing personal information of the participants. But it’s not confined to Zoom, in fact it appears this level of breachability is true of any app that allows login via Facebook API.
Once you add in the despicable act of fraudulent emails seemingly from government agencies -- or other reputable sources that are preying on fear and are infected with malware, and even IoT devices like Alexa recording your voice transgressions, one can start to get a mental picture of this Grand Canyon of a situation.
There are easily implementable processes to remedy this problem: use only encrypted emails, password verifications for online video/conference call apps link invites (even if the administrator monitors the participants), the trusty chestnut “think before you click” and, most effective of all, using an internal VPN that remote devices are also locked into. The problem is that the most effective remedies cost money.
Now it’s understandable that the current toxic environment is forcing a major refurbish of how money is allocated within an organization to keep it afloat. Unfortunately, one of the more frequent budget cuts seems to be the investment into online security practices. A 30 second perusal of any subreddit forum on cyber security, industry blogs, or even Twitter will show many complaints of breaches and management’s lack of funds or, inexplicably, the urgency to do anything about it. The New Norm’s mission statement must be “responsible change.”
After everything settles down business won’t revert back to the old ways. Productivity numbers will show that effectiveness and profit margin are maintained, perhaps even increased with employees working from home (exempting, of course, the service industry, production plants and delivery services). This shift should force the hand of executives to take Internet security even more seriously. This is a good thing. However, as the global economic base swims into new waters, best to recall the words of the rock band The Who, “Meet the new boss, same as the old boss.”