Welcome to This Week in Remote Work. There was a ton of news about remote work security this week, with a lot of great reports dropping. This week’s roundup could have easily focused solely on remote work security, but we discuss that topic frequently here, so we decided to resist the urge to overdo it. Without further ado, here are five remote work articles that caught our attention this week:
1) Ransomware threats to watch for in 2021 include crimeware-as-a-service (TechRepublic)
If you follow the topic of remote work technology, you’ve no doubt seen tons of articles in the past 9 months about the dramatic increase in ransomware targeting remote workers. This week Blackberry’s research team introduced a new report that recaps the security threats of 2020, provides expert advice on what to expect in 2021, and a 5-step recommendation.
Ransomware has become an increasingly virulent threat targeting businesses, government agencies, schools, and even individuals. As ransomware attacks gained greater traction and variety in 2020, so too will they bring about more developments in 2021. A report released Wednesday by BlackBerry highlights several trends to watch for in the year ahead.
For BlackBerry’s “2021 Threat Report,” researchers and security professionals at the company were asked to offer their cybersecurity predictions for the upcoming year. In response, they advice organizations and users to stay vigilant to the following threats as 2021 progresses.
This is the first time I’ve seen reference to the term “crimeware-as-a-service”, which is a very apt moniker. Be sure to scroll to the end of the article for the 5-step recommendation from the Blackberry researchers. And check out our primer on zero trust security for remote work here.
2) What Everybody Thinks About VPN but Nobody Talks About (Security Boulevard)
I know, I know – it may seem like we bash on VPNs a lot. Don’t get us wrong, there’s a time and a place for VPNs. But enabling secure remote work at scale is not that place, which is confirmed by yet another report – this one from the folks at Cybersecurity Insiders:
The 2021 VPN Risk Report is based on a survey of cybersecurity professionals—with more than half of respondents at the director level and above—who offered insight into their remote access environments, how and where users are connecting, the challenges they’re facing, including the rise in VPN vulnerabilities, and whether zero trust will begin to play a role in their remote access strategy.
Their answers revealed that IT leaders have been in a real bind. They need to provide remote access to applications in the data center and cloud, but the technology they’ve relied upon for decades is exposing them to risk—and they know it. Here are some of the report’s key findings:
Companies are aware of VPN risks, but they’re using them anyway.
VPNs have been used for remote access for nearly 30 years and they remain practically ubiquitous. In the survey, 93 percent of respondents reported that they are leveraging VPN services. Even so, 94 percent are aware that VPNs are vulnerable to cybercrime, with attackers targeting remote workers as they try to get access to business resources through the VPN. It would have been hard to miss the countless articles about VPN exploits in 2020, and the news of almost 500 known VPN vulnerabilities listed on the CVE database.
Check out the full article for all of the sobering stats. And check out our post from Brandon Lee on why it’s time to move beyond VPNs when it comes to securing remote work.
3) The remote workforce is redefining mission-critical apps (TechTarget)
This is a greaet piece from Kerry Doyle at SearchITOperations about how the shift to remote work now requires that IT teams be ready to support legacy business and mobile tools as mission-critical applications. It drives home the fact that, when supporting remote work at scale, you have to now think of applications as mission-critical, just like your underlying infrastructure.
Organizations of all sizes have long relied on the term mission-critical to designate key compute, storage and networking resources as essential or top priority. These systems must operate continuously, and at a high-performance level, to ensure that a company achieves its goals. As businesses rely heavily on remote workplaces due to pandemic restrictions, they must recognize that applications require that same high level of performance integrity.
There’s also a great section on the steps to take to support mission-critical apps. And what do you know, VPNs get a shout out (as the article calls out the need to assess the viability of VPNs, and looking at other solutions):
From the outset, assess VPN infrastructure viability, and consider adopting new tools to initiate or expand remote workplace access. For example, cloud-based enterprise application access defines which authorized remote users or devices can access an internal application, as well as limit network exposure.
There are some great analyst stats peppered throughout this piece that really drive home the straetgic importance of secure application delivery to your remote and/or hybrid workforce.
4) How top companies are embracing a ‘virtual first’ approach to workplace culture during the pandemic (Fortune)
Changing gears a bit, we came across this great article about how more companies are adopting a “virtual first” approach to workplace culture. And while all of the technology aspects of supporting remote work are important, the question about building and maintaining a strong company culture when many are remote is a very important one. The article share insight’s from Fortune’s “Reimagine Work Summit” and specifically a panel discussion titled “Building the Future of Culture and Communication.”
Dropbox’s efforts have been about “recogniz[ing] the importance of bringing people together for key interpersonal moments,” Simpson said. “We’ve created a set of really flexible practices that we’ve written up and shared in our ‘Virtual First’ toolkit—frameworks and guardrails for how to communicate with your teammates. I think it really helps create an inclusive environment.”
Check out the full article for some really interesting insight from leaders of four large companies who are all approaching remote work culture in different ways – but who all agree that “virtual first” is the future.
5) What does the future look like for mobile technologies in a stay-at-home world? (ZDNet)
Okay, this one really got me thinking. The always-prescient Tom Foremski introduces a really good question about the impact of remote work on our need for/depence on our fancy mobile devices:
The entire world is vastly less mobile than it was pre-COVID-19 and this will continue to be true into the future. So why do we need super-expensive mobile technologies? We don’t need them as much as we did.
I’ll admit, I clutched my device a little tighter while reading this article and initially thought “but, of course we still need our devices!” – until I realized I was reading the article on my phone while seated at my desk, with two larger monitors right there in front of me. It certainly got me thinking.
And what future for mobile phones? Working from home makes having a cell phone awkward. I still have to carry it about, or I have to keep running over to it to make sure I haven’t missed anything, and I keep putting it down somewhere that’s not easy to find. I certainly don’t need the latest digital phone if I’m not going to be out and about for 10 hours a day.
A mobile phone is not that useful when you aren’t that mobile.
Tom goes deeper to discuss how a reduced dependence on mobile devices could help with the current international tensions around the production of chips. Lots of good stuff in this article – I highly recommend checking it out as an interesting thought exercise in how the shift to remote work is changing many areas of our lives.
Thanks again for reading, and join us back here next Friday for the next weekly roundup.