Working remotely poses challenges. When the business world moved almost the entirety of operations and employees home earlier this year, cybersecurity experts like me found it both exciting and somewhat terrifying. It was certainly an opportunity for those of us in the cybersecurity sector to demonstrate how we can help. But the potential for a second pandemic – one consisting of the exploitation of vulnerable systems and data by bad actors – kept a lot of us up nights wondering how we could keep industry safe.
Like me, most cybersecurity professionals knew that, for any number of reasons, some organizations were inevitably going to dismiss or underplay the threats posed by moving operations offsite. Warnings of insufficient firewalls, susceptible networks and lackluster endpoint protection software sometimes fell on deaf ears. Many decision makers were either naïve about the scope and scale of threats posed by the home office or they anticipated a short-term situation rather than the long haul we find ourselves in now. So, some businesses did not jump on board with advanced Work from Home (WFH) cybersecurity protocols essential to the safety of their data, operations and even their accounting and finances.
It will be interesting in a few years, when all is said and done, to analyze the ROI that enhanced cybersecurity measures during the pandemic afforded proactive organizations (compared to those who dragged their cybersecurity feet). Time will certainly tell.
In many ways, the pandemic merely expedited and expanded the slowly growing trend of employing a remote workforce. When you think about it, to some extent, the remote work paradigm started to take root in the 1970s with the overseas outsourcing revolution and global business expansion. So this entire remote operations paradigm – and the cybersecurity challenges it poses – has been a long time coming. COVID-19 just accelerated the inevitable.
While remote workforce and WFH security solutions are vast and incredibly customizable, they all mostly boil down to a few critical elements: secure remote connectivity, endpoint protection and critical visibility.
Secure Remote Connectivity
Working remotely demands reliable, fast access to the same systems and services that a worker would use in the office. Additionally, it requires solutions that secure those services and the data contained therein. Typically, such controls are part of a portfolio of centrally managed security systems in the Enterprise computing environment: firewalls and gateways to and from the internet that normally act as a traffic cop, and systems that detect abnormal access or activity occurring within the network. In the WFH environment, these controls are either entirely absent or function in a completely different manner. So how does an organization achieve the same level of security?
Secure Access Service Edge (SASE – pronounced “Sassy!”) is a cloud-based technology framework that delivers exceptional network security, advanced threat protection and the best possible user experience – regardless of location. Combining next-level detection services with natively built cloud architecture provides organizations with advanced threat and breach detection that follows the individual and/or the device and is applied by policy. SASE allows a company to provide secure access to networks, data and other technology without any location limits.
Endpoint Security
Safeguarding endpoints, essentially the entry points into the Enterprise, is particularly critical when your team is working remotely. Endpoints are the target of cyber threats and may become vulnerable, resulting in unauthorized access or even data breaches. So shoring up security on desktops, laptops and mobile devices to keep the bad guys out is one of the most important requirements for working remotely and securely.
Endpoint protection platforms (EPPs) leverage massive, evolving databases of security threat patterns to evaluate actions, processes, interactions and files on the endpoint and as the endpoint interacts with Enterprise systems or the network. If a threat is detected, EPP acts by blocking the use of the application that the threat is attempting to exploit or that it deems unsafe.
EPP has multiple weapons in its arsenal. It can detect zero-day threats in real time and provide substantial antimalware capabilities, web security, data loss prevention and an integrated firewall to block hostile network attacks.
EPP truly is the sentry safeguarding your network fortress.
Visibility
Security information and event management (SIEM – pronounced “Sim”) is a system that aggregates relevant data from multiple sources, identifies anomalies and inconsistencies, then prompts a predetermined action, like an alert or a log.
Today more than ever, a SIEM system must have the ability to collect data from both on-premise and remote sources. SIEM can live on-premise or in the cloud – and can be managed by a third party, co-managed or managed in-house.