Need to revisit compliance for the new era of remote working: Archie Jackson, Sr. Director & Head- IT & IS, Incedo

Need to revisit compliance for the new era of remote working: Archie Jackson, Sr. Director & Head- IT & IS, Incedo

The guidelines need to be revised and made flexible to accommodate remote and mobile work environments.— Archie Jackson, Sr. Director & Head- IT & IS, Incedo

Most organizations are trying leverage BCP plan for business sustainability amidst the pandemic. This is the new normal in the enterprise landscape.

Working from home and managed remote operations are two cultural shifts that organizations need to plan for moving forward in the post Covid era. Enterprises that are in sectors like healthcare, banking, insurance and legal, which have a personal, connect with their customers, need to look at current technologies and utilize them to redesign their businesses.  This should   help them function normally at 100 percent capacity even while being remote. It’s good that remote banking and mobile payments picked up big time post demonetization. Since then a vast majority of people are utilizing these online wallets instead of hard cash.

Apart from that, considering the situation the pandemic has put us in, which calls for remote operation, security plays a critical role in ensuring services are delivered in a safe and secured manner.

The possibilities of security breaches are relatively less when people are working in an enclosed office environment as opposed to when they are working remotely. Remote environments tend to be vulnerable to security threats as workers tend to connect on home Wi-Fi systems and the ISPs, which are shared.

There is also a privacy issue involved as confidential company information the employees are working on is exposed to other members in a household. Issues like privacy can be addressed by a remote working policy that ensure the employees take care. At the same time Internet security and Endpoint security also need to be beefed up. Here integrity matters. The integrity of the employers and their systems are the enablers in this context as any failure in integrity can lead to problems. The success of remote working, to a great extent, is determined by the kind of controls installed into the endpoints.

Every business requires a different combination of tools to ensure that security and privacy requirements are met. There may be many businesses that require the monitoring of screens to understand what employees are doing. This is not done in a reactive manner, but in a proactive way in real time where virtual screens are being monitored centrally or through other controls. Then you have Mobile Device Management (MDM) which is critical in an environment where your employees are accessing applications and data from your corporate network remotely. Earlier, malware threats were easier to detect due to signatures. But today we have zero signature malware which makes the task of identifying and thwarting threats so much more tricky. Legacy MDM solutions are no more adequate to tackle the threats.

Endpoints today need to be highly secure and utilize tools that can identify threats through user behavior. Here we need tools that incorporate AI and deep learning as they help us monitor user behavior proactively, control and contain threats.  Big data analytics capabilities are also extremely useful in a situation like this.

Considering that enterprises are evaluating remote working as an option, compliance is an area that needs to be revisited. There are various regulatory regimes like HIPAA, Basel, NEST framework and ISO, which have issued guidelines across sectors like healthcare and banking. These guidelines need to be revised and made flexible to accommodate remote and mobile work environments. They should add on additional guidelines that govern security and privacy. At the end of the day, it is important that businesses are sustained and that is exactly the objective of any approach to BCP. Given the new workplace realities we need to grapple with in the age of coronavirus and also in the post Covid 19 phase, it’s imperative that we need to incorporate new tools and technologies to deliver a seamless experience where remote working is the new normal.