HOW TO PREPARE FOR AND ANTICIPATE THE FULL RESUMPTION OF BUSINESS ACTIVITIES WHILE MAINTAINING CONTROL OVER DATA SECURITY?
One third of employees were forced to change their way of working during lockdown; ways French people would like to pursue in the future: 73% of employees want to continue working remotely beyond the lockdown period (Onelogin survey, April 2020). A trend which is also confirmed with our European neighbors: 67% of employees in Ireland and Germany want to continue working remotely.
Some major corporations are even planning to generalize telecommuting for their employees: while 95% of Facebook’s workforce is working remotely, Mark Zuckerberg announced that within 5 to 10 years, 50% of its employees could be permanently telecommuting.
The sudden and massive recourse to remote work is associated with real cyber-security issues and leading organizations to accelerate their digital transformation. The primary driver is to ensure employees have the necessary and secure tools at their disposal, regardless of the workplace they choose.
COVID-19, global crash test for the data security
We have seen widespread use of collaborative tools to facilitate information sharing and remote storage. The use of Microsoft’s cloud computing service has increased by [1]775% in countries and regions applying lockdown measures.
This trend also benefits a few consumer tools, which is not without risks since some of these popular communication solutions, such as WhatsApp or Zoom, fall regularly victim to security breaches. Last April, BleepingComputer revealed that over 500,000 Zoom accounts were offered for sale on the Dark Web.
For CIOs and CISOs, lockdown has been an unprecedented experience on a large scale. They had to manage this crisis by urgently modifying infrastructures, distributing workstations outside the organization, and opening network links to access critical applications and resources. In many cases, this urgency meant the above could not be implemented by following the usual validation procedures.
CIOs and CISOs have had to deal, among other things, with network saturation and IT security issues. It also allowed them to test the reliability of their collaborative tools and their security environment.
At Veolia, IT teams did not wait for the Covid-19 crisis to develop secure digital remote working environments that bring together in a single point all the information and processes essential for their employees to operate smoothly. Today, thanks to a full digital workplace that has been deployed over a long period of time, more than 20,000 out of 50,000 employees based in France are working remotely.[2] “Our digital strategy is enshrined in Veolia’s 2023 strategic plan. It translates into the desire to provide digital solutions as services, but also by developing solutions in association with the CIOs of each area within the concept of a global digital factory”, explains Didier Bove, Group CIO.
Cloud and SaaS security solutions, favored by IT for their level of security and for the quality of service provided by their chosen partners, have a bright future ahead of them. According to Gartner, in 2019, the market for Cloud Management and Security Services was already estimated to be above $424 million.
What about tomorrow? Mobility, flexibility, and communications security
According to the latest FireEye report, 17 APT (Advanced Persistent Threat) groups and 6 FIN (Financial Threat Groups) groups, linked to 6 countries (especially China and Russia), were the main perpetrators of cyber-attacks in 2019. Faced with this constant danger, organizations have become aware of the importance of investing in cyber-security to ensure their sustainability, and have increased their budgets accordingly.[3] Good resolutions that need to be made in an informed manner, especially when it comes to sharing confidential information and files. In the rush to implement lockdown, organizations may have resorted to consumer tools that are quick and easy to install, sometimes at the expense of their security levels.
The challenge for organizations is therefore to provide long-term support to employees for their various ways of working, and anticipate the organizational and economic impact of possible future crises. This preparation also requires protection from the threats that arise as a consequence. This includes security measures implemented to protect business assets, as well as employee awareness of cyber-risks. As for the selection of trusted solutions, the CIO/CISO duo is on the warpath to find and vet secure collaboration and communication tools for the post-lockdown era; tools that will have to match security policy and business needs.
In addition, we must not forget the exposure of employees to attacks: organizations must raise their awareness by providing training and carrying out stress tests to confront them with real-world attack situations. Conducting role-playing exercises will help prepare managers, legal teams and other stakeholders for incident response processes and concepts. This way, everyone knows their role when the time comes.
On the business side, employees expect more mobility, more flexibility, more communication and more security from their organizations. “I believe this crisis will have the collateral benefit of helping us progress, both in terms of technological foundations and behaviors and the way we operate”, declares Erwan Penhéleux, head of UCC France.
This crisis has led to changes in procedures, behaviors and working methods, which require an understanding of the importance of IT and technological foundations to ensure the security of tomorrow’s ways of working and to anticipate crisis management. At PSA, Xavier Chéreau, Group HR Director, is accelerating the company’s thought process regarding the implementation of a real telecommuting organization policy: “What will be PSA’s needs in terms of new jobs and new training required for your employees? We have already begun to identify strategic skills in terms of digitization across all departments and business lines. This has been quantified according to new technologies, the rise of IT tools, the need to operate in networks and communities, etc. We will need to speed up. These tools will affect the evolution of occupations.” [4]
In the future, organizations will have to deal with the expectations of employees and the evolving digital economy. On the business side, employees expect high-performance professional equipment, a reliable and secure connection and trusted collaborative tools. On the other hand, organizations are inclined to be more digitally independent from American and Chinese industry giants. A digital sovereignty claimed by a flourishing French market with multiple suppliers of secure solutions qualified by ANSSI, one of the most demanding agencies in Europe in terms of security.
Ercom and Thales are committed to protect your data in all circumstances, by offering free collaboration solutions to businesses and administrations to help them share and store files securely with Cryptobox (free for 45 days, non-binding[2]), and to exchange instantly and securely with their employees at any time with Citadel Team (non-binding).
These solutions, referenced by the French Ministry of Economy, Finance, Action and Public Accounts, are designed to help all departments and functions secure their documents and confidential communications against hacking and data leakage.
Don’t hesitate any longer and protect your business!
[1] https://usbeketrica.com/article/confinement-les-defis-technologiques-du-teletravail
[2] https://www.journaldunet.com/solutions/dsi/1490957-chez-veolia-20-000-salaries-francais-en-teletravail-grace-a-une-digital-workplace/
[3] https://content.fireeye.com/m-trends/rpt-m-trends-2020
[4] https://www.lepoint.fr/economie/ressources-humaines-comment-le-covid-19-revolutionne-psa-11-05-2020-2374932_28.php