Remote working; securing the next normal.

The ongoing COVID-19 crisis has bought to the fore the critical role of technology being able to reliably and securely connect people, government and business. 

The backbone that enables this is the Internet and the physical networks of cables and switches that connect them across town, the country or to the world. We have had telecommunications for over 150 years and the public Internet for 30 years; it is now as important to our economic well being as is electricity. It is the information – data - that is exchanged over the Internet that creates value for all connected parties, and that data needs to be protected from interception or loss. 

More recently we have seen the growth of applications hosted in the Cloud, delivering services to further enable commerce and government. The packet switched technology used is the backbone of all modern communications and a key component of why the Cloud increases resiliency – the ability to ‘bounce back’ from a disaster or adversity. 

Predictably this has led to increased spending on Cloud services, with a corresponding decrease in hardware/software investment in the first half of 2020. COVID -19 has also bought into sharp focus the challenge of issues such as VPN's, virtual private Clouds, encryption, and policy issues such as reporting and legal/ compliance, as many employees are working remotely. Many companies are considering making remote working a part of the ‘next normal’, beyond the current pandemic as they perceive a competitive advantage from using remote access tools and technology that have been proven and tested in recent months.

The effects of this will be profound; for example increased working from home could potentially reduce total miles driven by up to 9% in the US alone, according to a recent KPMG analysis. This may be lower in countries where there is a greater reliance on public transport infrastructure. 

Employees also are receptive. In the UK for example a recent report indicated that only 13% of working parents want to go back to ‘the old normal’. Even less (6%) want to return to the same type of economy as before the pandemic, with the majority wanting to see a ‘fairer and greener’ rebuilding of the economy. 

Data integrity and security is therefore paramount with employees working remotely on multiple devices, often in an unknown environment from a security standpoint. The risk of data loss may be mitigated by having a trusted Cloud Service Provider (CSP) acting as the gateway between the data controller and the remote user. 

During the pandemic there has been some discussion regarding an 'over reliance' on the Cloud, in particular from CSP’s that are processing data outside national borders. In fact cross border information flows have been going on for hundreds of years with data interchanged using physical documents. 

Consider the basic instruments of international trade; letters of credit and bills of lading. All supporting documents were paper based, cross border information - data - carried in person or sent via the national Post Office, or latterly by courier companies. The Internet has changed this with secure messaging applications, although paper still plays a role for some documents due to dated regulations.

In the past most communication was in plain language, able to be read by anyone in the chain of delivery from the office mail room to the President. Unless of course it was encrypted, a time consuming process. Today’s leading CSP’s all offer encryption to international standards at the point of creation, thus increasing security as it is the information controller/owner that holds the cryptographic keys. The Cloud therefore adds an additional security layer for all information flows; think of it as the Post Office within an armoured supersonic plane.

In summary, encrypting all data will enable it to flow more securely, whether across town or across the world. This will enable us all to bounce back from this pandemic and resume our lives - and economic growth - as soon as possible. 

About the writer. Mr Michael Mudd is an independent consultant providing opinion and insight into knowledge management and digital transformation. An appointed standards expert to JTC-1 of the ISO, he is also a member of the Government of Hong Kong’s Expert Group on Cloud Computing, specifically the working group on Cloud security and privacy where he advises on policy. He is a member of the Hong Kong Institute of Bankers and a judge for the HKMA Fintech Innovation awards. He is the chief representative of the Open Computing Alliance in the APAC and MEA region and is a member of the Middle East & North Africa Cloud Alliance. He also conducts executive coaching on technology risk and digital security for non-technical staff to mitigate losses from online fraud as well as CxO level guidance on the EU GDPR, in person and online. He may be contacted at asiaitpolicy@outlook.com.