Data suggests that the move to remote work has caused a growing number of headaches for security teams, securing remote systems and maintaining up-to-date software through patching has become a challenge for many businesses.
In mid-March, 45% of companies encouraged workers to move to remote working, up from 13% of companies in 2018, this is a massive step change.
While 48% of security teams patching on-premise desktops and laptops in the first three days, that declines to 42% for remote desktops and laptops, according to stats.
Remote desktops usually are not a priority in terms of patching and prioritisation due to limited visibility into remote workers’ systems. This in turn has resulted in a large increase in the attack surface because of remote work.
A major impact on businesses from the coronavirus pandemic is the speed with which companies have moved to remote working,
The sheer speed of moving to remote working has put added pressure on IT professionals and businesses.
These are our tips for ensuring your Patch Management is up to date:
- The Cloud – The cloud is a beneficial way of ensuring your data is kept secure when working with remote teams. It’s much more difficult for cyber attackers to break into the cloud, while it also makes it highly unlikely that your workforce will lose any of their or the organisation’s sensitive data.
There are also paid systems which are available to encrypt your cloud storage to add increased security.
- Multi-Factor Authentication – Use multi-factor authentication, this provides added security to your process. With a simple push notification, a mobile app makes each login attempt visible, allowing the user to accept or block access right from their smartphone.
- Restrict use of personal computers – As a rule, you shouldn’t allow your remote teams to use personal computers for business work. This ensures that users don’t use social apps, personal email etc to compromise the security of your business.
- Control mobile devices – The flexibility and convenience of smartphones and tablets makes these devices easy to use, and not just for your remote workers – hackers have seen the soft opportunity presented by mobile devices. With a large increase in mobile based cyber threats, organisations have realised they require similar security for mobile devices as are applied to the organisational network.
- Educate your staff – In order to maintain your data security when working with remote teams you must educate and train your employees, especially those who will be working remotely. You should regularly inform your teams of key security protocols, new hacker strategies and how to identify phishing emails.
- Managed Service Provider – Another option is to use a service provider to manage patches on your network. MSP’s will have the right tools in place to automate large parts of the patching process.
In conclusion companies need to accept the fact that patch management is a constant chore regardless of remote work or working in an office.