Our Blog

Ensuring cybersecurity in a hybrid workplace

Ensuring cybersecurity in a hybrid workplace

Teng Yew Ang Teng Yew Ang
Originally published on November 4, 2021
Last updated on December 12, 2024 Post a comment

The events of the last 18 months have intensified security risks for businesses of all sizes, and across all industries.  

According to a recent CISCO report, 69% of businesses said they have experienced an increase of 25% or more in cyber threats or alerts. Worryingly, 7% said they wouldn’t be able to tell either way.i  

Just under half of Australian businesses (41%) also said security is more important now than it was before the pandemic. ii   

The shift to hybrid working, and the need to support a highly distributed workforce, has accelerated the risk for many businesses, including those in the professional services sector.  

According to a recent study by McKinsey, the professional services sector is one of four most able to support and continue with remote/hybrid work – alongside the finance, management, and information sectors. iii      

A survey by Hays of 2,500 working professionals also found that 61% believed a hybrid working model was the most productive. iv 

At the same time, however, the security of data for a professional services firm that is facilitating hybrid working is of critical importance. If your data, or that of your customers, gets into the wrong hands, the results could be devastating. As well as the costly fines associated with non-compliance, there’s also the lasting impact on your reputation, and ability to secure clients and attract employees.    

So when it comes to implementing a professional cyber security strategy, what are the main challenges for you as a professional services firm? And what steps can you take to safeguard your data, without restricting innovation? Here’s a quick overview.  

mckinsey-quote-remote-work-min

Top security challenges for professional services firms 

52% of cybercrime committed against professional services firms is cyber-spying or cyber-espionage, 25% is committed through crimeware and 10% through miscellaneous errors. Source: Verizon Data Breach Report vi 

Perimeter-based security  

While many professional services firms had remote working policies and processes in place before the pandemic, few had the facilities and infrastructure to support it at scale. Many, for instance, are still relying on perimeter-based security, with things like firewalls and browser isolation systems attempting to ward off threats as they enter the premises.  

Now, with a significant number of people working remotely, perimeter-based security simply isn’t sufficient. What’s needed is a new approach that tackles security at the device level, referred to as end-point security.  

A recent survey commissioned for HP suggests that 91% of IT decision-makers believe end-point security is now just as important as network security.vii 

Confidentiality of client data 

Professional services firms retain and share vast amounts of confidential data about clients’ businesses – their financial performance, legal cases, human resources information and much more.  

Once a cyber-breach occurs, it’s very easy for this data to end up in the wrong hands. For instance, it’s an incredibly worrying reality that emails and passwords from 90% of small and mid-size businesses are currently for sale on the dark web.  

Typically, professional services firms are also required to adhere to strict information security frameworks to meet compliance, which can be time-consuming.  

Lack of scalability  

Many professional services firms also rely on a project-based workforce and therefore require considerable flexibility and agility when it comes to their IT.  

However, traditional, on-premise security infrastructure can be inflexible and detract from the level of agility that firms need to thrive.  

What’s needed is a more flexible approach to security that can scale with the business and its specific needs. 

Overworked IT teams 

Similar to many industries, the IT experts within professional services firms are facing an enormous workload. Many are dealing with increasingly complex infrastructure, and the need to support remote workers is considerable. The more overworked the IT team, the more likely that there will be security gaps that cyber-criminals can exploit.  

What can be done?  

The good news is that there are some very simple steps that your professional services firm can take to improve security: 

Step 1: Engage a trusted partner 

Perhaps the most important step you can take when it comes to security is to engage a partner who can provide the level of guidance, advice and strategic support you need.  

Outsourcing your security as part of a managed services agreement can free your IT team to focus on other areas, and can also provide you with ongoing access to an expert team.  

Step 2: Determine your level of risk 

Before implementing any new security solution, you also need to understand where you stand now, and where the biggest risks like. For instance, many firms simply don’t know if their data is for sale on the dark web, or even if a breach has occurred. An experienced security partner can perform the necessary checks and provide you with an assessment regarding your level of security risk.  

A key place to start is with a Dark Web Scan – a service that Office Solutions IT provides. Within just 3 – 4 days, we can help you: 

  • Discover exposed data – find out whether your organisation’s information has been exposed on the dark web.  
  • Identify compromised accounts – discover the precise email addresses and passwords that are on sale. 
  • Get expert suggestions – you receive a personal call to discuss your results and recommendations. 

Following on from this, Office Solutions IT also offers a complimentary risk assessment, to identify your security strengths and weaknesses; provide advice on the improvements you should be considered relative to your security posture; and supply you with a detailed report of your results against this framework, including how your business aligns with others in your industry. 

Step 3: Evolve your workplace software 

When it comes to boosting your security, an important place to start is your workplace software. Microsoft 365, for instance, has a very rigorous security foundation that can help you:  

 

  • Keep customer data safe. Clients can ensure that only the right people have access to important data with information protection.  
  • Defend against malware. Protect against ransomware, spam, malware, viruses, phishing attempts, malicious links, and other threats.  
  • Stay in control. Sent the wrong attachment? You can revoke access to an attachment even after the email’s left your inbox with cloud attachments.  
  • Bring your own devices. You can protect your information, even when it’s accessed on employees’ personal devices.  

Why partner with Office Solutions IT? 

Office Solutions IT is a highly experienced Microsoft solutions and Dicker Data partner, with deep expertise in the professional services sector – and over 200 corporate clients around Australia. We believe IT should work hard, not feel hard, and pride ourselves on making IT simple, streamlined and fully transparent for our clients. We also offer a pricing promise which guarantees that there will be no unexpected surprises in our IT support.  

In particular, our team has many years of experience helping organisations maintain their security integrity.

Get Dark Web Analysis

If you’re interested in finding out more about security for professional services firms or getting started with a Dark Web Scan, please get in touch today.  

Dark Web Scan

Dark-web-footer-image-min

 

Don’t put your reputation and funding at risk

Exposed credentials are a disaster waiting to happen. Request a complimentary Dark Web Scan from our expert team today.
Get Dark Web Analysis