Although the world has been transitioning to remote working and digital identities for a while now, the COVID-19 pandemic has seriously sped up this process.

Along the way, this crisis has raised a number of questions concerning the feasibility of digital transformation. In today’s post we’ll be addressing some of these concerns.

Before COVID-19, we all recognized that a global shift towards remote work had become a trend. However, the response to the COVID-19 pandemic greatly accelerated this movement, almost doubling the number of remote workers.

To give you concrete data, protective measures taken during the pandemic have caused the number of full-time remote workers to jump from 33 to 61 percent. The distance working strategy was adopted by companies around the world, including the biggest ones like Facebook and Google, who will be continuing to embrace this model throughout this year, too.

In addition, online services, in general, have completely exploded. I recently wrote about a full-on digital transformation with a 26.8 percent increased demand overall in online inquiries. 

These trends are here to stay. However, you might be asking yourself if they are viable in the long run. In particular, the sudden increase of remote workers and online demand — while in itself a good thing — has been met with difficulty by some online service providers, both in terms of operations and in terms of security.

It’s clear that a number of issues must be resolved in order for these trends to remain viable as we move forward. Let me outline these concerns and some approaches to addressing them.

A staggering uptake in remote working and online activities increases cybersecurity risks

As mentioned above, online activity has skyrocketed since the start of the pandemic, from entertainment to remote working and transactional activities.

When compared to 2019, the number of transactions across 850 US retail eCommerce domains is up 40 percent. Paypal has experienced a 20 percent increase in transactions over the same period since last year, and never before have so many people worked from home — myself included.

As you may have guessed, this sudden increase in activity has also led to a rise in cybersecurity concerns. Let’s take a closer look.

From the perspective of remote working, 51 percent of organizations have already seen an increase in email phishing attacks since shifting to this model. Moreover, 50 percent of employers have allowed remote employees to use their personal email addresses and devices while working from home, with 51 percent saying that their remote working force isn’t properly trained in the cybersecurity risks of remote working.

With the activity of cybercriminals also increasing (74 percent of financial institutions experienced a significant spike in cybercrime since the beginning of the pandemic), these risks must be mitigated.

In comparison to having your workforce on company devices and the company network, this decentralization makes the task of securing sensitive company data much more challenging. A plethora of new factors come into play — including things as simple as the home Wi-Fi connection of employees or the antivirus they have installed — making it almost impossible for IT departments to ensure that sensitive company data is secure.

Add to that the increasing reliance on mobile apps for tasks both private and business-related. This is a domain where security has historically been sacrificed for features, and it is clear as day that strengthening security is a must to make these activities feasible even after COVID-19.

Sealing the gaps in security protocols is the best investment businesses can make in the long term

Improving security protocols can be a complicated and costly process for online service providers with already-established processes in place, but it’s the best investment businesses can make for the long term.

It’s the only way to keep remote working and other online activities running smoothly. In turn, it’s what will help you acquire new customers while keeping the old ones, as a direct result of the trust you’ve managed to gain among users.

In situations like the current moment where we have a record-high number of remote workers, as well as in online activities in general beyond the scope of the pandemic, it’s of utmost importance that trust is established between all parties. This means that effective management of online and mobile user identities is absolutely imperative for moving forward.

Furthermore, let’s not forget the actual costs cyberattacks can incur. The average cost of a successful endpoint attack was $8.9 million in 2019. Now, combine that with losses from user distrust. You get the picture —  it’s a position where none of us want to find ourselves.

So, what’s the best course of action?

Two things come to mind: education and general strengthening of systems for user authentication, verification, and fraud prevention.

As we’ve seen above, more than half of businesses say that their employees haven’t had any training pertaining to security when remote working. And if we’re talking about end-users of service providers, 60 percent don’t even use 2FA as a means of protection.

To put it plainly, educating your remote employees about the importance of upholding security protocols, as well as being transparent with your end-users, is a great and fairly easy first step to improving your security. As ineffective as 2FA has proved to be, it’s still much better than nothing.

However, functional multi-factor authentication systems capable of continuously verifying users, and therefore preventing fraud, are the ideal answer to these challenges.

What should you use? Biometrics, blockchain, IPification?

You should choose the systems most appropriate for your MFA architecture, but keep in mind that regardless of any other considerations, your solutions should uphold the following principles: security, privacy, and user experience.

For example, while biometrics for authentication works great from the user experience angle, this method raises significant privacy issues should the biometric data be stolen. However, as part of a larger MFA solution, biometrics could play an important role.

That’s the great thing about MFA, the authentication solutions cover for each other’s weaknesses. If you opt for biometrics, the other factors should uphold the principles of data privacy. Make sure to look into telecom-based mobile authentication options such as IPification, or even third-party authenticator apps for 2FA although user experience significantly deteriorates with these.

Write up the different authentication options, analyze how they would cater to your needs, ensure they cover the three security principles of something you have, something you know, and something you are – and most importantly, make sure that they are complementary with each other.


Harry Cheung is the Founder and President of IPification. Harry is a serial entrepreneur with more than 20 years of experience in cybersecurity and data protection. Before establishing Benefit Vantage Limited in 2014 and IPification in 2017, he established and grew Kaspersky Lab’s presence in the Asia Pacific region and served as an HQ company’s Board of Directors member. Harry likes fishing and sailing, and he writes articles on cybersecurity and mobile identity topics in his free time.

IPification is a Life’s A Pitch alumnus.

TechNode Global publishes contributions relevant to entrepreneurship and innovation. You may submit your own original or published contributions subject to editorial discretion.

2021: The year of ditching SMS OTP as 2FA?

Featured image credits: Unsplash