CyberSecure From Home in Canada
The universally accepted, “Home is where the heart is,” has recently proven itself to be mildly untrue. Any IT security professional currently navigating the ever-changing waters of these times will tell you that the new “work from home” norm is the opposite of where their heart lies, as they juggle supporting work from home while keeping their organizations secure. Their heroic efforts deserve a Timmies gift card to cover the unlimited double-doubles they are, no doubt, using as fuel to minimize any interruption to business.
The Shifting Perimeter
Increasingly, organizations are facing a reality that the perimeter is shifting. Things are not neatly contained within a brick and mortar structure, or contained by national borders— and IT teams need to have measures in place to balance the need for security without impacting productivity. The new paradigm that IT teams face in supporting a diverse remote workforce has exposed a security quandary for many. Balancing a lack of resources, technological shifts, and conflicting priorities while still trying to meet requirements like the CyberSecure Canada certification mark is no small feat. Amidst all this kerfuffle, what is often overlooked is that the controls being put in place and security practices being adopted are all a part of a zero trust security approach.
Canadian Center for Cybersecurity Tools
What we do know is that the perimeter-based security approach of the last century is no longer adequate for securing the modern enterprise.Today, organizations must secure a mobile workforce that uses a mix of corporate-owned and personal devices (BYOD bring your own device) to access cloud-based applications and services, often from what was previously thought of as outside corporate network boundaries. Luckily, the Canadian Center for Cybersecurity provides guidance and certification programs for organizations to become cybersecure.
But what does being cyber secure even mean? And how can companies safely and effectively fast-track this move? With a list of baseline security controls, choosing the right moves to make can feel overwhelming; however, these controls provide a foundation for implementing a zero-trust approach to security.
Key Cybersecurity Questions
Right now, we need to be asking ourselves: How do I deal with identity and access management for a geographically dispersed workforce using a myriad of different devices? And how can I scale remote access in a timely and cost-effective manner? What solutions do I need to implement to do this securely?
If you are not already asking these questions, I defer you to the insightful words that Margret Atwood shared during an interview with me on the Plaintext podcast, ”Do you have any idea what the consequences will be if you do not (fill in the blank)?... And you didn’t fix it, and now there has been a massive leak.”
Get ready to strap on your skates and put your stick on the ice. In the words of famed hockey player Wayne Gretzky, “This is a time when we need to skate to where the puck is going to be, not to where it has been.”
Canadians are innovators and inventors, producing notable things like ski-doos, jet-skis, velcro, zippers, insulin, penicillin, Zambonis, the telephone, short wave radios, Robertson screws (square hole) — but they don’t need to reinvent the wheel when it comes to implementing strong security that doesn’t impact productivity. Based on our answers to the questions above, we can navigate the implementation of the changes we decide to make. Searching for cybersecurity solutions from companies that make such implementation easy is critical.
These times require a careful examination of the word, “opportunity.” The most readily available heuristics of the word tell us that opportunity presents itself in a positive way, with little to be undesired. However, while the remote workforce is difficult to navigate, it also provides an opportune time to take the leap into zero trust and secure your company’s network once and for all.
The Right Time for Change Is Now
It does not have to be daunting, and there are things that you can start with today, like introducing MFA everywhere to protect all users (and move to a passwordless user experience), establish trust in devices, protect applications with access controls, and securing remote access. The tools to start today are readily available for lasting change.
To co-opt the words from the Tragically Hip — this is no dress rehearsal, this is our life — we are ahead by a century. By implementing the right controls, Canadian businesses can embrace the adoption of the cloud and remote work in a secure way, accelerating into the future of work. Implementing security practices is like having the right ratio of cheese to gravy on your poutine,, anything is good, but when you have to have the right combination it is perfection.
Duo is able to scale with customer needs as more organizations transition to working from home, with a complete 5-step program to implement zero trust for the workforce. Duo provides solutions that help organizations not only adopt a zero trust security approach, but helps organizations going through a digital transformation by protecting their Microsoft workforce applications including those like O365 and Remote Desktop.
Try Duo For Free
With our free 30-day trial you can see for yourself how easy it is to get started with Duo and secure your workforce, from anywhere and on any device.