TL;DR: Covid-era remote work, data protection, and how people are coping with social distancing and media anxiety are the focus of Seamfix’s first Identity & Tech Podcast episode, while positioning technology as a practical tool for working safely and staying informed. The underlying issue is governance, not just productivity: identity, access, and data controls have to adapt when work moves outside the office.
NHIMG editorial — based on content published by Seamfix: Identity & Tech Podcast episode one on covid, remote work, and data protection
By the numbers:
- Only 5.7% of organisations have full visibility into their service accounts.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
- 92% of organisations expose NHIs to third parties, raising concerns about supply chain security.
Questions worth separating out
Q: How should security teams reduce identity risk in remote work environments?
A: Security teams should combine stronger authentication with device posture, access segmentation, and fast response to suspicious sessions.
Q: Why does remote work make data protection harder for security teams?
A: Remote work increases the number of places where data can be copied, shared, and retained, from personal devices to cloud collaboration tools.
Q: What do security teams get wrong about remote access trust?
A: Teams often assume that authenticated remote access is equivalent to trusted internal access.
Practitioner guidance
- Tighten remote access policy Require MFA, conditional access, and device trust checks for all remote sessions, then review which users or services still receive broad access under exception rules.
- Review collaboration data paths Map where remote users can download, forward, or sync sensitive files across SaaS tools, shared drives, and personal endpoints, then reduce unnecessary sharing permissions.
- Shorten access review cycles Revalidate remote worker entitlements more frequently when roles, devices, or work patterns change, and remove access that no longer matches the current need.
What's in the full article
Seamfix's full podcast episode covers the conversational and practical detail this post intentionally leaves in summary form:
- The discussion around covid-era remote working, media anxiety, and how people were coping with the shift to virtual work.
- The presenters' practical advice on using technology as a useful tool for work, communication, and everyday access.
- The broader identity and data management themes that sit behind the episode's opening discussion.
👉 Read Seamfix's podcast introduction and episode one on covid-era remote work →
Identity and data protection in remote work: what changed first?
Explore further
Remote work has turned identity controls into the primary security boundary. When users no longer sit inside a trusted office network, authentication strength, session governance, and device trust become the real control plane. That shift affects both human identity and the machine identities that support collaboration platforms. Practitioners should treat remote access policy as a core security architecture decision, not an HR convenience.
A question worth separating out:
Q: Which frameworks are most relevant to remote-work identity and access governance?
A: NIST Cybersecurity Framework 2.0 is the clearest high-level reference for remote-work governance because it ties identity, protect, detect, respond, and recover together. For identity-specific control design, teams should map access review, authentication strength, and session governance to their own IAM and data protection requirements.
👉 Read our full editorial: Remote work, identity and data protection in the covid era