With many of us working remotely now, security is going to be a concern for many organizations. While some might have company provided hardware, many of us will use our personal equipment to connect to data and systems. This brings even more challenges to ensuring security than we’ve had in the past. This might be especially true for organizations that have (or are) scrambling to get everyone connected and ensure access.
There are a number of areas in which this might affect us as data professionals. First, we should ensure our devices are patched. Windows, OSX, Android, iOS, whatever platform you run, you ought to be properly patched. This might be especially disconcerting for some home users that run older versions of host platforms. This might be especially true for networking stacks, which have grown more secure over time. It is important for most of us, especially when using privileged accounts, to have fully patched devices.
There’s also the issue of viruses, ransomware, and more transiting from home systems to work platforms. I know some companies are doing lots of work through remote access, but that’s not practical for many of us. I do think the idea of separating out traffic to production systems is a good one, and requiring some sort of remote terminal to a jump box might be preferred. Having some sort of PAW is a good idea as well, though not always easy to set up, especially right now.
There are still the actual access rights and least privilege principles we want to maintain. Even as people struggle to get work done remotely, opening up all resources to users that want them can be a poor choice in many companies. We want to maintain adherence to good practices while working in an unfamiliar environment.
There is also the idea of good data protection. This piece talks about DR and data protection, something that many of us data professionals think about regularly. I don’t know if organizations want to add home machines as remote backup targets, but we should certainly ensure that documents, code, and other information is protected. Workstations and laptops are going to fail, as we want to minimize data loss. Having version control for developers and default save locations that are remote are good practices for remote work. I know I keep most of my data in remote git repos, Dropbox or OneNote drives, or some other shared location that will persist if my hardware has issues.
While many of us try to keep moving forward at work, and our management certainly wants us to do so, we should keep in mind the security and data protection are still important parts of our jobs.