Content

Adapt remote security practices to today’s digital reality at home

A Boston-area mother does work on a conference call while helping her two daughters with schoolwork. (Matthew J. Lee/The Boston Globe via Getty Images)
A Boston-area mother does work on a conference call while helping her two daughters with schoolwork. Today’s columnist, Greg Higham of Malwarebytes, says companies have to see COVID-19 as an opportunity to sharpen up their remote security operations. (Photo by Matthew J. Lee/The Boston Globe via Getty Images)

The coronavirus pandemic has changed the way we work. It’s a new remote reality that will likely have a lasting impact, well beyond when quarantines are lifted. Companies must quickly evolve, adapt and improve Remote Security (RemoteSec) practices to ensure that the new environment remains both protected and productive.

Consider the risks. Businesses were a growing threat target last year. Our 2020 State of Malware Report found that global business threats rose 13 percent in 2019 to about 9.6 million detections. The work-from-home scenario makes businesses even more vulnerable, especially when threats targeting them are harder to track as employees use work devices over their own personal home networks.

Managing remote workers will put our cyber hygiene to the test during this challenging period. Employees are an important factor, whether in the office – or at home. We’re all human, and the uncertainty of this time may mean a lower awareness of threats and greater susceptibility and risk. To prepare and help arm the workforce, consider focusing on these priorities:

  • Increase device security. The device has become the new perimeter. In an expansive work-from-home environment, gone are the days of on-premise, office-based security. The term “perimeter” does not have the same meaning today as we look at the shift to both personal devices and networks, embrace remote and roaming work and reassess our security postures. We’re no longer building a fence to protect networks within a specific domain. Rather, we want to protect free-range devices across the world.
  • Patch everything. It’s simple and basic, but security teams must ensure they have installed the latest security patches/updates on everything, even if it means taking an availability hit. Waiting to install updates puts devices at risk, leaving an entry point that could devastate a business. It’s especially important as VPN exploits are a hot target for the bad guys and VPN usage has gone through the roof.
  • Create reliable device visibility. Once the team updates all of its software/hardware, it’s time to create visibility into employee devices. Use a reliable discovery tool to gain visibility into all employee devices and ensure they have the proper level of security for their role. Be clear about the boundaries between work and personal information and make certain that the company protects its employees while also respecting and preserving their privacy.
  • Employ a personal security portal. Today, every remote worker’s home network just became an extension of the business. This means that their networks, computing devices and mobile devices all now access the corporate network and need to remain secure. Use tools that will ensure connected personal devices are brought into compliance before allowing VPN access. Think about using a personal security portal to manage security deployment and licenses for personal devices.
  • Operationalize security for remote work. The company’s IT ops and security teams are now also working remotely. This means that efficient processes and a consistent routine have never been more important. Practice a scheduled daily scan for verifiable security. Then establish a prioritization scheme for top executives and the finance department by scanning their systems two or more times a day. Use an efficient cloud-based solution to maintain productivity and performance. Testing security in the cloud will bolster security and improve monitoring and remediation efforts, while minimizing risk.
  • Automate operations. By automating operations across groups and  machines the company will minimize manual errors and more efficiently handle an increased workload. Additionally, automation will let the team more quickly assess the severity of an attack and deliver an immediate response.
  • Treat remote devices the same. When an attack hits, security teams shouldn’t treat remote devices any differently than they would the ones that reside inside the corporate firewall. With so many remote users, it’s critical to quickly isolate and recover compromised endpoints before the attack spreads. If the company can reduce its remote SecOps response time from days to just minutes, it can ensure both effective and thorough remote remediation. Security teams can do this by leveraging expert incident responders to recover remote endpoints after a successful cyberattack. As a result, they will protect the network from exposure at the same levels as when employees are in the office.

The stay-at-home orders will hopefully get lifted in the months to come, but it’s still several months off. It may indeed become a long-term trend for employees to work-from-home, and even in the most normal circumstances, companies will always have employees traveling and working nights at home.

Now’s the time to get RemoteSec right. Eliminate the security team’s patch backlog, operationalize and automate security for remote workers and optimize remote device recovery processes. This will improve cyber hygiene and create a stronger security profile for the business.

Greg Higham, chief information officer, Malwarebytes

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.