The COVID-19 pandemic is an ongoing tragedy. Cases have grown exponentially, and the death toll continues to rise. In response to the outbreak, governments worldwide have placed tight restrictions on daily life; restrictions that have also transformed patterns of work. Suddenly, millions of workers have traded the office for a digital workplace.
Remote work is nothing new. It has been around for decades, and in recent times up to one in five businesses have made it the norm.
But now, that number is closer to five in five. Many more businesses now have to lean on a suite of cloud platforms in order to keep their employees connected and productive. Microsoft was quick to make premium features of its Teams collaboration platform free for six months to help companies cope. Slack has recorded a net increase of 7,000 customers since the beginning of February; 40% more than it typically has in a whole quarter.
As companies transition wholesale to a digital workspace, the question arises: How can they stay secure? How can they ensure that the third party cloud channels they now rely upon are safe and compliant?
Invisible Employee Interactions
In December of last year, the CEO of a luggage startup Away ended up resigning because she helped foster a toxic working environment on Slack. Lots of factors go into creating such an environment, and 99% of companies manage to use Slack just fine. However, brilliant though the platform is — it does come with some inbuilt challenges that need to be overcome.
In a conventional office setting, managers enjoy automatic oversight of employee behavior.
They can overhear inappropriate remarks, or detect signs of bullying, and swiftly refer incidents to HR. There are a limited amount of private, one-on-one or small group interactions, and so very little goes undetected by the people whose job it is to enforce company policies.
But within collaboration platforms like Slack and Microsoft Teams? In effect, a company’s entire water cooler environment becomes digital, and far less visible.
Instantly, HR and compliance teams are faced with a major visibility issue. They can set company policies, but they have must confront challenges of speed and scale. Some enterprises can produce 40-70,000 Slack messages per day. If they can’t see what staff are saying to one another, it’s difficult to ensure compliance or a safe work environment.
Invisible Customer Interactions
Now that many more companies have moved wholesale to a digital workspace, it isn’t just internal interactions that are the issue.
In an office environment, there are easy ways to monitor and refine how employees are communicating with customers. People overhear or supervise customer calls. Lots of rendezvouses happen in person. Discussions take place at events like conferences or industry meet-ups.
But now? More than ever, companies’ interactions with their customers will be occurring within social media and messaging apps. For most industries, these are the only points of contact they have left.
Under the COVID-19 lockdown, there are no office appointments, no working lunches, no industry events, no shop floor. All that is left are digital cloud channels. Digital — is where all of the customer communication now lives.
And once again: Companies have no visibility here. Many industries face stringent regulations regarding how they can communicate with customers. Pharmaceutical companies have to monitor conversations for mentions of adverse events or off-label usage.
Financial services institutions need to watch for promissory language and capture all complaints. Every industry has its own examples. But if compliance teams can’t even properly monitor the platforms that their employees are using, how can they do their jobs?
Too Many Cyberattacks to Track
Malicious cybercriminals are rubbing their hands at the prospect of millions of people trading important and sensitive information online.
As large droves of office employees move to the digital workplace to continue operations during the COVID-19 pandemic, cybersecurity experts are understandably urging remote workers to strengthen their existing security measures.
In a recent public alert, the Cybersecurity and Infrastructure Security Agency (CISA), the cyber division of the US Department of Homeland Security, urged remote employees to secure “devices being used to remote into work environments with the latest software patches and security configurations.”
Software patches are important; this is solid advice. But this isn’t enough, because staying secure is about far more than repelling hackers.
Some of the worst cyber threats are phishing attacks, malware, and acts of account impersonation. With the velocity of online communications, these threat vectors become nigh impossible to track or react to using most companies’ existing tools.
80% of all data breach incidents reported in 2019 were related to phishing.
Here is a report according to the 2019 Verizon Data Breach Investigations Report. Phishing links can come in across any platform, from WhatsApp to LinkedIn direct messages. When enterprises’ security teams have no way to proactively monitor possible threats, they are flying blind.
Post-Perimeter, AI-Driven Solutions
The challenges of securing the digital workspace in the COVID-19 era all come down to this: we live in a post-perimeter age.
Once, companies established a perimeter, with firewalls and authentication systems, and everything worked mostly fine.
But operations are now distributed across a fragmented digital ecosystem. When your enterprise security is reliant on external, unregulated channels, you have a problem. The intelligence you need to mitigate digital risk and stay secure and compliant, is not as accessible.
The scale and speed of internet communications means that ensuring securing beyond the perimeter is very difficult. The task is beyond human intelligence.
Take “sampling,” for example. Too many digital signals are coming in all the time, and so security teams assess 10% of the overall pool and then apply the results to the other 90%. Taking a sampling works, in a way. But it is far from perfect.
Properly securing the digital workspace can only be done by recruiting AI and machine learning.
Only an AI-driven platform can constantly monitor every relevant digital endpoint. Only an AI-driven platform can apply policies to every single message and post, via customizable policies. Modern digital risk protection demands the data aggregation, rapid data processing, and instantaneous execution powers of AI systems.
The Solution? Deploy a Dedicated Digital Risk Platform ASAP
COVID-19 is seeing many enterprises migrate their whole enterprise into cloud channels. But to secure the modern digital workspace, third party cloud channels cannot remain black boxes.
Companies need to have full insight into how their employees are using every digital platform, so they can apply the relevant policies.
They need to be able to scan, and automatically detect and remediate security and compliance issues.
Until the COVID-19 pandemic ends and normalcy resumes, remote work is the new reality for many businesses. It’s in their best interest to secure their new digital workplace.