Adapt remote security practices to today’s digital reality at home

August 28, 2020
A Boston-area mother does work on a conference call while helping her two daughters with schoolwork. Today’s columnist, Greg Higham of Malwarebytes, says companies have to see COVID-19 as an opportunity to sharpen up their remote security operations. (Photo by Matthew J. Lee/The Boston Globe via Getty Images)
  • Increase device security. The device has become the new perimeter. In an expansive work-from-home environment, gone are the days of on-premise, office-based security. The term “perimeter” does not have the same meaning today as we look at the shift to both personal devices and networks, embrace remote and roaming work and reassess our security postures. We’re no longer building a fence to protect networks within a specific domain. Rather, we want to protect free-range devices across the world.
  • Patch everything. It’s simple and basic, but security teams must ensure they have installed the latest security patches/updates on everything, even if it means taking an availability hit. Waiting to install updates puts devices at risk, leaving an entry point that could devastate a business. It’s especially important as VPN exploits are a hot target for the bad guys and VPN usage has gone through the roof.
  • Create reliable device visibility. Once the team updates all of its software/hardware, it’s time to create visibility into employee devices. Use a reliable discovery tool to gain visibility into all employee devices and ensure they have the proper level of security for their role. Be clear about the boundaries between work and personal information and make certain that the company protects its employees while also respecting and preserving their privacy.
  • Employ a personal security portal. Today, every remote worker’s home network just became an extension of the business. This means that their networks, computing devices and mobile devices all now access the corporate network and need to remain secure. Use tools that will ensure connected personal devices are brought into compliance before allowing VPN access. Think about using a personal security portal to manage security deployment and licenses for personal devices.
  • Operationalize security for remote work. The company’s IT ops and security teams are now also working remotely. This means that efficient processes and a consistent routine have never been more important. Practice a scheduled daily scan for verifiable security. Then establish a prioritization scheme for top executives and the finance department by scanning their systems two or more times a day. Use an efficient cloud-based solution to maintain productivity and performance. Testing security in the cloud will bolster security and improve monitoring and remediation efforts, while minimizing risk.
  • Automate operations. By automating operations across groups and  machines the company will minimize manual errors and more efficiently handle an increased workload. Additionally, automation will let the team more quickly assess the severity of an attack and deliver an immediate response.
  • Treat remote devices the same. When an attack hits, security teams shouldn’t treat remote devices any differently than they would the ones that reside inside the corporate firewall. With so many remote users, it’s critical to quickly isolate and recover compromised endpoints before the attack spreads. If the company can reduce its remote SecOps response time from days to just minutes, it can ensure both effective and thorough remote remediation. Security teams can do this by leveraging expert incident responders to recover remote endpoints after a successful cyberattack. As a result, they will protect the network from exposure at the same levels as when employees are in the office.
prestitial ad