Written by Michael Gazeley, Managing Director, Network Box Corporation
When SARS hit Hong Kong in February 2003, many organizations urgently started to look for ways to, temporally, allow their staff to work safely using their computers from home. At that point in time we were still over 4 years away from the launch of the Apple iPhone, so the primary issue was how to safely connect and operate desktops and laptops from home, connecting back to the office via secure Virtual Private Networks.
Virtual Private Networks (VPNs) are used to create mathematical tunnels from point to point, in this case, from a member of staff’s home computer to the employer’s office network. This allows authentication to take place, so only authorized computers (devices) can be connected. It also makes sure that any data traveling through the VPN can be encrypted, ensuring data confidentiality. If one thinks of the Internet as the sea, then a VPN is like a cross harbor tunnel, securely connecting one side of the shore with the other.
With the current outbreak of the (seemingly even more dangerous than SARS) Coronavirus some 17 years later, a similar rush to have staff work from home has been called for by many organizations in Hong Kong. This time however, most organizations understandably want to add mobile devices (such as smartphones and tablets) to the mix, but that hasn’t been the only change.
Network Box is a managed cyber-security provider so, unlike do-it-yourself systems, our engineers talk directly with our clients. As part of these conversations, the biggest and most obvious change we are seeing between SARS and the current Coronavirus outbreak is the dropping of the word “temporary.” Many organizations seem to be looking to a future where working from home is the new normal.
Perhaps it is the triple impact of the ongoing social unrest added to the ongoing global trade wars, on top of the Coronavirus outbreak, but certainly, many technical conversations have been distinctly gloomy in nature and have revolved around setting up permanent VPN networks, with a view to allowing staff to work from home for the long term.
At the same time, many companies are cutting staff, branch offices are being closed, and in some extreme cases, organizations are moving out of Hong Kong altogether. Obviously, once an organization allows its staff to work remotely, it soon becomes apparent that high rents and ancillary costs can be significantly mitigated.
For the people that are being asked to work from home however, there are significant challenges.
First of all, there are the cyber-security aspects that Network Box specializes in. But it isn’t just about cyber-security, working from home can present a serious challenge to trying to achieve a healthy work-life balance.
With the omnipresent smartphone, also securely hooked into organizational networks, and the rapid growth of cloud system usage; rather than working from home being a perk, we could soon see working around the clock, from wherever you happen to be, become the new organizational standard, regardless of an organization being large or small. Not just the casual use of WhatsApp allowing colleagues to text each other regarding work, but a wide spectrum of cloud platforms bringing each aspect of the office to each individual user.
As online usage continues to grow, on both a personal and professional front, the challenge to keep digital assets secure will only become harder. Human nature has typically leaned towards convenience as opposed to security whenever there has been a choice between the two.
It is also critical to remember — regardless of connecting with physical servers owned by an employer, virtual systems on private networks, or major platforms on the public cloud — in the end, it is all still a computer system owned by someone. All data is stored on hard disks or solid state drives, somewhere.
Working from home, also frequently means working from “somewhere which isn’t the office.” To be safe, you first need to physically and digitally secure your device itself (this is an ongoing process), you need to connect only to trusted service platforms, and you need to ensure that the connectivity between the two is secure as well. If you work in a particularly sensitive job, it may be prudent to have different devices for personal and professional usage. But if that isn’t possible, make absolutely sure you do not use your work credentials for any personal accounts.
For example, don’t use your work credentials for your gym’s login page, or for your church’s website, or for your social media accounts. To give you some idea, there are 7.7 billion people alive on Earth right now, yet there are already 9.5 billion hacked and posted sets of credentials on the Dark Web.
If you use a third-party computer desktop, say in a hotel’s business center; or you use public Wi-Fi without a VPN in place, say while sitting in a coffee shop one afternoon; then there is every chance you will get hacked, and your private and company data will be compromised.
Use your own secure laptops, tablets and smartphones. Connect only to secure trusted platforms. And always connect using properly implemented VPNs. None of this is impossible to do. Far from it. But a proactive stance needs to be taken. You cannot just “hope for the best.”
In the rush to secure yourself against the physical Coronavirus, the last thing you want to do is fall victim to a cyber-virus which either allows a hacker to steal all of your confidential data, or to encrypt and lock down your entire office network so your organization can no longer function at all.