Before 2020, businesses across industries and regions were already navigating a gradual, but important shift towards remote work. However, the remarkable circumstances caused by a global pandemic have accelerated this process, forcing organizations to quickly revisit how their employees access tools and resources they need.

Mario Moreno

IAM Engineer

September 13th, 2021

Around the world, companies and institutions have had to upscale their virtual private networks (VPNs), adopt cloud-based workplace applications at record speed, and make several rapidfire decisions to better enable their teams. But this sudden transition to remote work has raised an important question: how can we effectively secure our remote workforces?

To answer this question, it’s important that we know the cyber security trends we’re dealing with. First, many organizations lack the infrastructure to effectively secure connections from remote home networks—which are likely not secure and exposed to potential threats—and personal devices. In addition, cyber criminals have capitalized on the pandemic, targeting insecure networks, deploying ransomware, and conducting themed phishing campaigns. In fact, between February and March 2020, targeted spear phishing attacks rose 667%. Where traditional security focused on building a hardened corporate network and trusting anyone behind the firewall, the new requirements for a large remote workforce have put a spotlight on the need for modern identity and access management (IAM) solutions that protect our workforces and resources.

At Okta, we weren’t immune to the effects of the pandemic. While dynamic work has been a long-term goal for some time, our security team still had to find a way to enable a fully remote workforce in a matter of days—a massive tactical task. We had to be able to effectively secure access for our thousands of users while avoiding any obstacles to productivity.

Now, we want to share the lessons we’ve learned. From prohibiting access from unknown devices and making authentication easier, to creating safe environments for digital events, here are six things we’ve done that you can adopt at your organization.

  • Remote work checklist
  • Contextualize access management
  • Simplify authentication
  • Enable remote incident management
  • Refine remote onboarding
  • Revisit employee training
  • Invest in home offices

[1] Cover your bases: best practices for protecting remote work. Okta Inc. 2021