Managing scaling challenges as more employees and devices log on remotely
COVID-19 is forcing us to rapidly shift our daily interactions in every scenario. Adjusting and limiting our personal and professional interactions are testing the limitations of protocols put in place within the businesses and institutions we rely on.
Business leaders are evaluating every option available to maintain operations and for many, working from home is the necessary choice. Major employers like Google, Shopify, Twitter and JPMorgan have announced remote working policies, and behind the scenes thousands of small and mid-sized businesses are also issuing guidance and temporary remote working measures.
Our digitally connected world means that most businesses have some level of work from home policy and security measures in place to manage remote working, but the reality is that most don’t have the infrastructure, protocol and tools in place to handle a rapid scale situation like the one we’re experiencing now.
From an IT perspective, business continuity plans have been dusted off and are in full force. The idea of a fully remote workforce is being put to the test. Properly authenticating external users and the devices, data and applications they use has never been more critical or had a need to run at such a massive scale; organizations who have adopted a cloud-first strategy will likely have an easier time with the effort than those who still have significant on-premises infrastructure.
Securely transitioning an entire workforce isn’t simple for large enterprises who have thousands of employees at multiple, global locations. Often those locations operate with varying resources and infrastructure, making the process of scaling a seamless authentication solution across the enterprise a challenge.
Some countries in Europe, and perhaps Spain to the highest degree, have widely adopted the practice of using digital certificates from government-backed PKI for a variety of regular tasks and business functions. In general, this is a good thing, and provides a much higher degree of assurance when compared to non-cryptographic digital signatures based on email and web clicks. But in some cases, large-scale work from home mandates are now making it difficult to access these certificates, as they may be on desktops or IT systems that cannot just be taken home. We have seen a huge uptick in interest from organizations that are looking for a solution to this challenge, with very short targeted timelines to have a deployment in place.
PKI has transformed over the years as many business leaders saw value in its ability to effectively manage digital identity security through authentication and device encryption. Business leaders dealing with today’s critical circumstance are turning to PKI as a tool to help them quickly deploy and manage mass remote connectivity.
At the end of the day, authentication, authorization and encryption are key to securing digital identities. Managing the digital identity security risk that comes with digital adoption is critically important – today’s circumstances mean it’s not business as usual, but the good news is that digital adoption has provided us with a level of adaptability that didn’t exist a decade ago.
CTO
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.