The Coronavirus pandemic has caused disruption for every industry, but the Professional Services companies I talk to are finding some of the security challenges particularly difficult.
Professional Services used to be a great example of flexible working: evolving business models in response to client demand, flexing workforces, and working anywhere, anytime. But now, working from home with all the usual demands and needs is proving difficult. Auditors have been particularly hard hit, trying to deliver the same level of service in a foreign and restrictive environment. And without access to clients’ premises and onsite systems, it’s very difficult to complete tasks securely, if at all.

Why security is so important right now

The quantity and sensitivity of client data means it’s vital that Professional Services professionals can access it in a secure, managed way. GDPR alone requires encryption and restricted network access, but it’s also crucial that data is protected against cybercrime. With so many organisations supporting remote working, we’re seeing a worrying increase in cyber-attacks. It’s never been more important to understand the context of each engagement and customer, and a big part of this is knowing what data is being moved around and the value of that data to the organisation.

Right now, a huge amount of data is now being handled via less secure networks and outside typical security measures, so there’s increased vulnerability and exposure to threats. The main types of threats the sector is facing right now are phishing emails (such as Coronavirus scams), malware and passwords shared across multiple logins. Ransomware is adapting to our increased use of conference-focused domains like Zoom and is finding smarter ways to extort money from victims. Now people are dialling in to calls from non-corporate devices, Professional Services providers could potentially pass a cyber-attack through to others.

The focus right now for these organisations is to mitigate cybersecurity risks that could impact confidential client data and look to the future where it’ll be possible to vary your data security strategy against the application and data that’s important to the organisation. It’s also a good time for companies to implement, automated threat intelligence and prevention systems, to help spot anomalies in the huge volumes of data passing through their networks.

Creating a new business as usual

With the right security measures in place, firms can start to look forward and think about how to create a new ‘business normal’. I believe this future needs to include strategies for secure, remote access to confidential data. Now is not the time to look to security for cost savings – endpoint security has never been more important as consultants begin to access client data remotely. Also, cloud investment will help employees to access resources and applications from anywhere at any time – but this needs to be developed securely so it doesn’t leave an organisation vulnerable. A scalable, secure virtualised environment will be the key to the new business as normal, and technologies like Virtual Desktop Infrastructure (VDI) will also help. VDI separates end users’ physical devices from the desktop environment and associated application software, so users can securely access resources and applications anywhere.

These changes mean many firms, both Professional Services companies and their clients, will have to accelerate their digital transformation. CFOs and CIOs need to be working together to make sure the right investments are being made to support and accelerate virtual infrastructure as a consistent strategy across the organisation. And, with on-site access limited, security needs to be a high priority in every decision made.

A silver lining for Professional Services

Many businesses have been forced to reassess their supply chains and navigate complex legal and regulatory frameworks as a result of the pandemic. With most also having to rely heavily on the strength and flexibility of their digital tools and IT providers. But the right technical transformation has the power to reinforce trust between the organisation and the Professional Services provider. Growth will come for those companies that can step in and provide appropriate support through the risk-as-a-managed service, risk advisory automation, and digital transformation space. As well as a challenge, the current situation is an opportunity that the industry can benefit from. There is a silver lining for those Professional Services companies who base their offerings on a supportive relationship between technical provision and operational services.

Article credit

GDPR image