CONNECTING THE DEFENCE COMMUNITY WITH INSIGHT, INTELLIGENCE & OPPORTUNITIES

Officially Supported By: Defence Contracts International Supply2Defence

Official Media Partners for:

Writing for Defence Online, Libby Bagley, Community Manager at License Dashboard, explores the cyber threats arising from remote working.

The pandemic has arguably been the greatest accelerator of digital transformation, spurring a global move to remote working, and forever altering the way we do business.

However, working from home inevitably leaves an organisation more vulnerable to security threats. With many companies shifting to the cloud and taking advantage of popular tools like Microsoft 365, employees are accessing files and software from multiple locations, networks and devices. Whilst these capabilities may be beneficial from an operations perspective by promoting greater collaboration and productivity, they aren’t without their risks.

Add to this reliance on cloud-based software, both a growing number of security breaches, and increasingly sophisticated malware, and it becomes clear that the safety of remote working is something every business needs to be prioritising.

The security risks posed by software and how to stay on top of them

The average home environment is far less robust in terms of security than a typical office setup, with admin rights, for example, enabling staff to easily and quickly download free trials of products that pose a threat to important information like customer data and financial stats. On top of this, remote teams are unlikely to be on the same centralised system for updating anti-virus software. Here are some of the most common problems:

The use of outdated software

One of the biggest risks to your businesses is outdated software, or employees not updating software. This makes you a target for cyber criminals. Software vendors are continually fixing vulnerabilities and adding patches, and it’s important to take advantage of this. Putting off updates leaves you exposed to security flaws so it really isn’t worth the risk.

Adding software indiscriminately

A key way to stay on top of software misuse and its impact on cybersecurity, is to stay vigilant to rogue IT installations and unmanaged or unregulated IT resources. This includes everything from illegal downloads to online purchases from an unknown vendor, and becomes even more of a risk if employees are sharing devices with other household members.

Sharing removable media

Another common issue, but one that can cause real issues, is the use of removable media. When inappropriate software is shared from machine to machine, it can compromise assets, open breaches, or cause similar problems.

In order to mitigate these problems you of course need to be aware of them, and in order to be aware of them, you first need full visibility of your entire IT estate. This is where software asset management (SAM) comes in. Software asset management is the practice of overseeing every aspect of software asset management, from deployment to end of life. A comprehensive SAM strategy gives you a complete view of all the software licenses and deployments within your organisation, as well as how this software is being used, by whom, and when – user activity is key when mitigating risk.

SAM tools also allow IT departments to establish that all products are up to date and any necessary patches have been successfully installed, and often, these updates and patches can be automatically downloaded or deployed by the systems SAM tools hook onto. This goes a long way to making sure any vulnerabilities that could affect your business have been removed.

The challenge of managing software licenses during a pandemic

Keeping track of software licenses is even more challenging during a time of high staff turnover. Many businesses have had to make redundancies, with unemployment levels recently reaching 5%, while other companies are looking to rebuild their workforce and fast. As staff come and go, applications may be assigned to individuals who no longer work for the organisation, so managing software licenses needs to be a core part of your leavers and movers policy; not only for cost control, but cybersecurity too. After all, as we’ve touched upon, you can’t protect against what you aren’t aware of.

Making security and software asset management a part of your company culture

It goes without saying that if you want to alleviate risk, then people must first be educated on what those risks are. When it comes to a new way of working, such as a shift to the cloud, or simple seemingly harmless acts like sharing software between machines, many employees will be unaware of the implications of their actions, which is why it’s so important to raise awareness of the link between remote working, correct software usage, and cybersecurity.

It’s something that needs to become part of your culture, and one that needs to incorporate different departments. Software asset management and security no longer sits firmly in the IT department’s remit, but should involve team leaders across all areas of the business, including HR.

When the pandemic initially hit and the first lockdown came into place, the emphasis was very much on productivity; ensuring an individual could continue to do their job efficiently from home. With remote working set to continue in some form or other for many businesses, this priority needs to shift towards security and that means increasing visibility of your business’s software use.

Libby Bagley is Community Manager at License Dashboard, which specialises in software asset management and licensing expertise for large and fast-growing organisations.

If you would like to join our community and read more articles like this then please click here

Cyber Libby Bagley License Dashboard Remote working

Post written by: Matt Brown

RELATED ARTICLES

Open-source intelligence (OSINT) is now critical to defence and national security, but the sheer volume of available online multi-media data and its complexity put analysis beyond human ability.

November 19, 2024

OSINT Technology advances are just what the UKs hard-pressed defence sector needs

Open-source intelligence (OSINT) is now critical to defence and national security, but the sheer volume of available online multi-media data

Enhancing allied cyber defences through multinational Exercise Baltic Mule.

July 30, 2024

Homeland - Improving cyber resilience of frontline forces in Europe

Enhancing allied cyber defences through multinational Exercise Baltic Mule. Exercise Baltic Mule was a joint UK and Poland led exercise to