In a special interview originally published in The Commentator, Absolute Software’s global CEO Christy Wyatt offers her insights and expertise into the security issues facing businesses amidst the COVID-19 crisis and offers guidance around how companies can continue to operate despite the disruption
With COVID-19 causing havoc for businesses and putting thousands of people at risk, The Commentator interviewed Christy Wyatt, CEO of Absolute Software about how tackle the crisis and the security procedures that can keep companies safe from hackers.
Christy, please can you tell us what lessons are you learning amid the outbreak of the Coronavirus?
While we have been having conversations with customers for a long time about the resiliency of their security controls, the reality is that many users are taking their devices home and working remote - which brings this discussion to a whole new level. We see companies having trial "work from home days"....asking users to stress test their remote working infrastructure and seeing how systems perform with dramatically greater capacity....at a time where every other company is doing the exact same thing.
One of the many things we help customers with is the ability to see where their security controls are in place and ready because businesses of all sizes have a heightened awareness of where their employees are.
As the virus moves quickly and the heat map evolves, knowing where your users are and who is close to risk is critical and important. We are seeing customers having business continuity discussions and taking a good look at where they may be most vulnerable. It is not lost on the security industry that as users work from home, and people are distracted with this pandemic that valuable assets could be compromised. IT, Security, HR and Leadership have to respond in unison to ensure employees are protected and Enterprise Resiliency is intact.
Have you had to make shifts and pivots in daily operations?
We have made our primary focus on protecting our customers and enabling them to have better visibility and control during this critical time. As with any company, we have done our work on business planning, remote work, and security. But in addition, we have to anticipate a fundamental change in how organisations operate - including our own. Employees will be remote, travel is less reliable, and that makes you vulnerable.
For some companies, this level of mobility is unprecedented in their workforce. We started immediately looking at what our technology can add to help our customers see where their employees are, ensure that they are protected by keeping their security controls in place where needed, and are able to take remote action on systems if required.
As a result, we are immediately making Application Persistence available for VPN apps at no charge through August. What this means is that if they are relying on VPN to keep their employees connected, we will monitor the VPN application to make sure it remains undeleted and in force.
As a result of our workforce brainstorming the issue in support of our customers, we are also working on reports for customers that map out where their endpoints are in relation to outbreak hotspots. And since our own workforce is also quite distributed, in many cases, this is about modeling what we need to do, and then automating and making it easier for our customers.
Do you fall back on certain technology due to work at home requirements?
For anyone who spends a lot of time on the road....it is back to the basics. It is audio/video conferencing, mobile productivity and collaboration solutions like Outlook or Slack, and of course, security like VPN to keep the workforce securely connected, and/or identify and access management. One of this biggest risks here is that there are large parts of any organisation that rarely work remote.
So, these controls and applications may not be configured appropriately, or the user may need rapid training on how to use them. I would expect IT Helpdesks is going to be incredibly ‘stress tested’ until there is automation introduced, like Resilience. Another great concern is going to be security itself.....because with devices being more remote, the probability of those controls going offline or devices becoming compromised could increase.
I also expect hear that in the coming weeks how bad actors are opportunistically taking advantage of the situation. Think of it as "Cyber Looting." Enterprises need to remain vigilant that this global pandemic does not also lead to a global breach pandemic.
How is this situation changing things for you and how you are planning for other possible pandemics in the future?
One thing is for certain, and that is that every company diving into business continuity and looking at Enterprise Resilience and will emerge more prepared going forward. Let’s hope there is not another repeat performance where we get to benchmark this.