When most business leaders began planning for lockdown and a shift to remote working, the potential challenges they were preparing for centred around the operational difficulties of being able to collaborate from a distance. There may have been changes to processes and policies, staff training on new tools, as well as plans on overcoming financial obstacles as a result of the pandemic.
However, there was less consideration for the impact of remote working on cybersecurity. For all the benefits of allowing staff to work from home, both in terms of productivity and work/life balance, it inevitably leaves a business more open to security threats.
The average office setup is very different to the home environment of most employees, with relaxed admin rights of the latter allowing staff to easily and quickly download free trials of products that might pose a danger. Having teams working remotely also means you won’t all be on the same centralised system for updating anti-virus software.
On top of this, as the move to the cloud increases – especially when we consider the reliance on tools like Microsoft 365 – the very nature of having employees accessing files and software from multiple locations, networks and devices, is a risk to corporate information such as financial stats or customer data.
The role of software asset management in cybersecurity
The part that software asset management (SAM) plays in mitigating cybersecurity risks, is all about visibility. The purpose of SAM is to provide a full overview of every aspect of an organisation’s software use, from deployment, all the way to end of life. It allows IT teams to see all licenses and understand who’s using them, when, and in what way. And, of course, a clear view of software use is vital in understanding what you need to protect against.
Software asset management is probably best known for helping businesses save money on unnecessary licenses, or for staying compliant and audit-friendly. Whilst it does do all of these things, the right SAM tools can also make sure all products are being kept up to date, and that any necessary patches have been successfully installed, therefore reducing security risks.
The challenges caused by software misuse
Over the past 18 months, we’ve seen a number of common recurring issues that can be easily avoided:
- Using outdated software – it might not currently be top of your list regarding security threats, but actually, using outdated software, or failing to update software when prompted, is one of the best ways to make yourself a target for cybercriminals. One of the main purposes for these updates is the work that software vendors are continually doing to fix vulnerabilities and add patches, so it’s really, really important to take advantage of that and update straight away.
- Rogue installations – indiscriminately adding software and unregulated IT resources – whether that be an illegal download, or simply an online purchase from an unknown vendor – is a common, but serious issue. Naturally, staying on top of this when staff are working remotely gets much more challenging, which is where SAM tools come in, allowing you to track this behaviour and take steps to protect your business.
- Sharing removable media – when inappropriate software is shared from machine to machine – a trend that’s becoming increasingly common as employees working from home may share devices with family members – it can compromise assets or open breaches, so this is a key risk to have on your radar.
Making everyone aware of the dangers
Having the right tools and technology in place is essential in the fight against cybercrime, however, there also needs to be a change in the way people behave, particularly when it comes to software use. Many simply aren’t aware of the connection between software use and cybersecurity, so educating people on the wider impact of their actions is crucial.
Ensuring that all areas of an organisation are familiar with the fundamental concepts of software asset management is a key step towards keeping a business safe.
While the initial priority regarding remote working might have been towards keeping productivity levels high, the emphasis now needs to shift towards security, and that means gaining better visibility of your company’s software use.
Source : https://www.globalbankingandfinance.com/why-sam-needs-to-be-part-of-your-toolkit-against-the-security-threat-of-remote-working/