“To survive and thrive … organizations must improve resilience, anticipate and prepare for disruption if they hope to remain relevant and continue to serve their customers,” said Alla Valente of Forrester. “Risk assessment is essential to help companies [see] existing and emerging risks that threaten their … data, systems, processes, people, operations, and intellectual property.”1
The vaccine rollout has led to an increase in hybrid work environments that have elements of both on-site work and the remote work model. Remote work has been shown in a Microsoft study to lead to cyberattacks and data loss because many endpoints operate outside the secure corporate perimeter.2
Risk assessment can help you address, reduce or avoid security problems inherent in your organization’s current work model.
Hybrid environments offer benefits. They have been shown to reduce costs for organizations and employees: companies no longer need office space for the entire workforce at once; employees don’t have to commute every day.
Remote or even hybrid work is better protection against the pandemic than a fully on-site workforce: for instance the CDC continues to encourage masks and physical distancing even with high vaccination rates, also because employees can choose to work from home if they aren’t feeling well, a hybrid workplace can reduce the spread of viruses.
Also hybrid environments offer the prospect of building employee morale since there are both times for collaboration at the office as well as the flexibility of working remotely. Most surveys indicate employees want a hybrid or remote situation.3
The Answer to Life, the Universe and Everything
On the other hand in the same Microsoft report that reveals the dangers of dispersed endpoints, eighty-eight percent of businesses said it was necessary to secure remote work tools and protect customer or employee data in the distributed work environment.4 So organizations realize they have the responsibility to protect their digital assets through software updates, password management, data backups, business continuity solutions and employee training.
Keeping tabs on all digital and hardware assets your business owns and uses can be a good first step toward successfully managing digital assets. It should include more than just noting the model numbers, serial numbers, locations, etc. Asset management for security and data breach protection related to hybrid environments is a thorough and usable set of inventories. You need a clear picture of the operating system version(s), the patch levels, the configurations and the state of known vulnerabilities.
Asset management is a firm foundation to begin to assess the risks in your organization’s hybrid work environment. Risk assessment helps you identify:
- Internal and external vulnerabilities
- Threats to the business’ data, systems, software, cloud and networks
- Consequences should the exposed threats exploit the exposed vulnerabilities
- And an itemization of the harms that may eventually unfold
Due to changing work models, employee changes and technological changes, regular risk assessment (under pre-pandemic circumstances Bryley used to advise every two years) yields the benefits of being prepared:
- Identifying your risk profile: Detecting threats and sorting risks based on their potential for harm helps you focus your efforts on urgent problems.
- Protecting your digital assets: Risk assessment is the start to finding how you will protect your critical assets and vital data in the distributed work environment.
- Reduce security spending: Regular risk assessments help you reduce security spending because you’re eliminating guess-work and acting on what you know. It will become clear where you need to allocate funds to better security.
- Maintain compliancy: When you handle your business assets and data securely through regular assessments, you can keep your business from a regulatory violation.
The Choice Is Yours
We are all learning to navigate shifts in our work environments. With each shift, we introduce potential vulnerabilities to our data. Risk assessment and digital asset management can help you address, reduce or avoid security problems, but you may be unsure about how to start. That’s why you should consider collaborating with a partner like Bryley. Since 1987 Bryley has been advising in risk assessment and asset management, and can help your organization keep vulnerabilities from becoming disasters. For more information about Bryley’s approach please call 978.562.6077 or email ITExperts@Bryley.com.
2 Building resilience and maintaining innovation in a hybrid world, Microsoft
3 https://www.inc.com/minda-zetlin/hybrid-work-schedules-policies-employees-choice-wednesdays-nicholas-bloom-stanford.html , https://www.washingtonpost.com/lifestyle/wellness/working-from-home-office-benefits/2021/06/24/d1f92d86-d077-11eb-8014-2f3926ca24d9_story.html
Lawrence writes about networking and security. He’s written for Bryley since 2015.