As vaccine rollouts continue across the world, employers are looking ahead to the opportunities and realities of a post-pandemic economy. Front of mind for many is formalising their workplace policies, and while it seems clear that remote working will remain a long term option, offices around the world will soon reopen and millions of people will be readjusting to sharing the same workspace with their colleagues.
In the context of what many have dubbed “The Great Return”, Google is an interesting example. Described by Forbes as a “blow to the remote work trend”, they have just announced plans to accelerate their office reopening process. After 1st September, if Google employees want to work remotely for more than 14 days per year they will have to apply for it – and going forward they are expected to live within a commutable distance of their office location. Others, meanwhile, remain publicly wedded to the hybrid model, giving employees the choice of where they work. In the UK, for instance, the Nationwide Building Society recently told its 13,000 staff to “work anywhere” – permanently.
As we all learn where employers see their future on the ‘remote – hybrid – office’ spectrum, one important issue looms large: reopening offices is a cybersecurity risk. Even in the hybrid model, employers must be sure that The Great Return does not create additional vulnerabilities. But what are the potential problems and how can they be addressed?
Documenting The Dangers
In the past 12 months, remote employees have spent more time than ever outside the boundaries of their corporate networks. The mass adoption of cloud-based services – not just the core video and collaboration tools – but any third party tools added since lockdown began, increases the range of potential vulnerabilities that returning employees bring when reconnecting directly to office infrastructure.
Another major part of the problem is the sheer scale of the risks facing employers bringing hundreds or even thousands of workers back to the office. Networks will soon be more directly exposed to a huge number of new devices that have only been used at home and that may have been exposed to malware and other vulnerabilities. While some employers provided laptops with properly configured security, many others allowed their workers to use their own technology and are now facing a range of security blindspots.
But arguably the most pressing problem is how employers can proactively mitigate the risks presented by the billions of documents created, shared and downloaded by employees while at home. Think of it this way: documents and email attachments are the most successful method used to deliver ransomware and other malicious attacks. Hackers exploit vulnerabilities in the structure of files such as PDFs, Word, Excel and PowerPoint, and it’s no exaggeration to say that these are now the biggest dangers to the cybersecurity of enterprises around the globe.
Bringing these documents back within the boundaries of corporate networks without first removing potentially malicious content and returning them to a state of ‘known good’ is likely to result in a wave of new security breaches in the months ahead. Using reactive detection-based security solutions such as anti-virus and sandboxing is no longer enough.
At Glasswall, we keep businesses moving with instant file protection. Our Content Disarm and Reconstruction (CDR) technology instantly cleans and rebuilds files to match its known good industry spec – automatically removing potential threats. This proactive defence enables you to prevent future unknown attacks, while giving users the freedom to trust every file.
If you want to be the security team that drives business forward, then try it out for yourself via our free File Drop service or learn more by visiting glasswallsolutions.com.
