Richard Melick, Sr. Technology Product Marketing Manager at Automox.
For years, security teams have developed strategies around a confined, controlled environment, putting infrastructure in place to keep the proverbial vault shut and data secured, yet we continue to read about breaches, infections and data loss. The number of remote American workers continues to grow with no signs of a slowdown, so it’s only a matter of time before that data breach or malware exploit happens to you (if it hasn’t already).
None of this should be news to security professionals. According to a 2018 OpenVPN survey, 90 percent of IT professionals who responded said they believe their remote workforce poses a security risk, and 36 percent reported that a remote employee was the cause of a security incident. Apricorn reports similar results in a recent survey of IT decision-makers in the United Kingdom. Let’s face it, the data doesn’t lie.
The legacy approaches developed to support this growing trend, such as requiring VPN connections back to the corporate office or using a cloud-based content control tool, can work, but they are limited to Internet-connected devices. So that you can confidently let workers roam, we offer some tips to help you develop a step-by-step security plan to keep your data, intellectual property and access secure.
Security Awareness Training
Security awareness training should be a part of every company’s employee onboarding, no matter the employee’s position within the company. Whether you sign up for training services from a third-party company or develop a program internally, security training can help get every employee into the mindset of what is expected of them to protect the company, assets and equipment.
Setting the ground rules from the very start, such as establishing strong password rules, knowing how to detect phishing attempts, and even the core concept of backing up data, will only help with future efforts.
Helping to ensure your users care about the security of their devices and the assets they are in charge of maintaining also sets expectations for them. It gets them into the mindset of securing not only their work computer but also the other devices they use daily, such as home Wi-Fi and phones.
Trust No One
Data falling into the wrong hands, even when those hands belong to an employee, can lead to a disaster no matter the kind of data. Designing your networks with a zero-trust model keeps that data under lock and key, except for those authorized users that require access and use.
Not all users on your network need access to every component. Remember, it’s always easier to grant permissions after verification than to take away access after a potential compromise. Users who connect to your network do not need visibility or access to assets past what they need to complete their jobs.
Two-Factor Authentication
Time and time again, we have seen that a secure password isn’t enough these days. While security plans might call for quarterly password updates, users often take the path of least resistance when updating to their newest password.
This predictable behavior can be safeguarded against through a simple two-factor authentication (2FA) setup. If a password is compromised, the dual-factor authentication keeps the attempted access at bay while notifying both the user and IT admin of the suspicious activity.
Whether you use a token key or a mobile phone setup, both forms of 2FA provide an additional level of security to often-compromised passwords.
Patch Your Shit
Patch Tuesday is the standard delivery day for required software updates that many IT admins rely on to fix the gaps in their infrastructure software and critical programs. If you don’t patch, you’re not protected.
While many organizations have a patch strategy, a recent ServiceNow study conducted by the Ponemon Institute concluded that over 62% of companies can’t tell if vulnerabilities are patched quickly, and 74% of these companies cannot patch in a timely manner due to the cybersecurity staffing shortage. The lack of visibility into systems and their vulnerability, along with this ever-growing shortage of employees, is leaving endpoints vulnerable to attack. This forces organizations to rely on endpoint protection platforms to do more of the heavy lifting to keep environments secure.
Automated Services
Take some stress off of maintaining your roaming network and apply focused automation solutions.
An effective and advanced Endpoint Protection Platform (EPP) like SentinelOne is capable of delivering automation services to handle the necessary steps of security prevention and protection. By automating endpoint protection processes, you are setting your network up for a preventive approach and letting your IT and security teams focus on more significant risks to the infrastructure.
Good Log Intelligence
Data is king here, especially when it comes to how employees use and connect your devices.
Did that machine connect to a new Wi-Fi? You should know that. Are large amounts of data being transferred out or copied to portable devices? Also good to know. This includes contextual awareness of authentication, focusing on geolocation and time/date connectivity. Did an in-office worker log in from a machine in another country? You need to know.
Logging how the endpoints are used can help your security team stop issues before they get out of hand and keep data secure, as well as provide reliable data to threat hunting teams in case of an incident.
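The checks described in this section (new Wi-Fi, large copies to portable devices, logins from an unexpected country or at an unusual time) can be expressed as simple baseline rules. The following is an added example, not code from the original article or from any vendor product; the log format, field names, thresholds and sample events are all constructed assumptions.

```python
import json
from collections import defaultdict
from datetime import datetime

# Constructed sample endpoint telemetry (JSON lines); all field names are assumptions.
SAMPLE_LOG = """\
{"ts":"2024-03-04T09:02:00","user":"avery","event":"auth","country":"US"}
{"ts":"2024-03-04T09:05:00","user":"avery","event":"wifi","ssid":"corp-office"}
{"ts":"2024-03-05T08:55:00","user":"avery","event":"auth","country":"US"}
{"ts":"2024-03-05T12:10:00","user":"avery","event":"usb_copy","bytes":1048576}
{"ts":"2024-03-06T03:14:00","user":"avery","event":"auth","country":"RO"}
{"ts":"2024-03-06T03:20:00","user":"avery","event":"wifi","ssid":"FreeCafe"}
{"ts":"2024-03-06T03:31:00","user":"avery","event":"usb_copy","bytes":5368709120}
"""

USB_LIMIT_BYTES = 1024**3    # assumed threshold: 1 GiB per copy to removable media
WORK_HOURS = range(7, 20)    # assumed working hours, in the timestamps' time zone


def detect(log_text, baseline_until):
    """Return (ts, user, reason) alerts; events before baseline_until only train."""
    cutoff = datetime.fromisoformat(baseline_until)
    countries, ssids = defaultdict(set), defaultdict(set)
    alerts = []
    for line in filter(str.strip, log_text.splitlines()):
        ev = json.loads(line)
        ts, user = datetime.fromisoformat(ev["ts"]), ev["user"]
        learning = ts < cutoff
        if ev["event"] == "auth":
            if learning:
                countries[user].add(ev["country"])
                continue
            if ev["country"] not in countries[user]:
                alerts.append((ev["ts"], user, f"login from new country {ev['country']}"))
            if ts.hour not in WORK_HOURS:
                alerts.append((ev["ts"], user, "login outside working hours"))
        elif ev["event"] == "wifi":
            if learning:
                ssids[user].add(ev["ssid"])
            elif ev["ssid"] not in ssids[user]:
                alerts.append((ev["ts"], user, f"new Wi-Fi network {ev['ssid']}"))
        elif ev["event"] == "usb_copy" and ev["bytes"] > USB_LIMIT_BYTES:
            # Large copies to portable media alert regardless of the baseline window.
            alerts.append((ev["ts"], user, f"{ev['bytes']} bytes copied to portable device"))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG, "2024-03-06T00:00:00"):
        print(*alert, sep="  ")
```

The baseline is frozen at the cutoff, so a country or network first seen during a suspicious session never becomes trusted on its own.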
Contingency Plans
A device is going to get lost. Someone is going to connect to that free coffee shop Wi-Fi or use a thumb drive. And all of this will be despite the hours of education and training. The world of convenience and curiosity will always override security training, and you need a contingency plan in place. Deploy solutions that provide the capability to quickly lock out machines, remove cloud access, and even remotely wipe stolen devices.
In the end, no perfect security plan exists. The workforce will continue to expand beyond the office walls, and you must accept that your security approach must evolve with your roaming employees. Building a foundation with the above-mentioned steps can set your organization up for a successful growth strategy as workforces change.