To help ensure remote work security, organizations need to consider SOCs, digital distancing, island hopping and security roles.
In response to sudden work-from-home directives, business leaders everywhere are asking trusted security professionals: How do we balance security with employee productivity?
The biggest initial unknown was bad actors. Would they continue to strike, even stepping up actions on the vulnerable ranks of remote workers? The response came quickly and fiercely: an overwhelming “yes” that put defenders on notice to ensure remote work security.
Is Our Data Safe?
Attack volumes and surfaces both continue to expand simultaneously, according to VMware Carbon Black experts hosting the recent “Working Remotely, Securely” webinar.
With the estimated 70% increase in remote work, experts point to month-over-month surges of:
- Ransomware attacks
- Phishing
- Waterhole attacks on websites and mobile apps
- And other cyber threats
In March 2020, according to VMware Carbon Black research, ransomware attacks increased 148% over baseline levels from February 2020. Global financial services organizations were the most heavily targeted.
Amid the uncertainty, IT security teams work tirelessly to keep organizations and data safe. They’re doing everything from pushing updates to reconfiguring networks as they accommodate traffic surges from unknown locations and through personally owned devices.
“Customers tell us they need to increase employee connectivity while shifting more focus to protecting remote users at distributed endpoints,” says Ryan Murphy, founding team member of VMware Carbon Black.
5 Considerations for Improving Remote Work Security
Like pilots adjusting when a plane is in the air, many security teams are working from home themselves, altering standard operating procedures. Now is an ideal time to share these five best-practice considerations for improving remote employee data security.
- Rethink security operations centers (SOCs) and workflows.
COVID-19 has proven that organizations need to look beyond security operations and solutions that require a physical presence. Many enterprises built centralized SOCs, where dedicated teams sit in one location to detect, respond to and prevent threats. The current environment, however, underscores the need for security professionals to work remotely or from geographically distributed locations.
To gain this capability, you can deploy a cloud-based security stack, enabling SOC teams to identify vulnerabilities, install patches and validate configurations remotely through the cloud. Organizations with these capabilities gain an advantage in adapting to the new environment. Others are now taking steps in this direction–with cloud-based and or software-defined models–to improve not only their security postures, but also business continuity and business resiliency for tomorrow.
- Practice digital distancing.
A family home may now include a plethora of mobile devices (such as phones, tablets, laptops and personal assistants), as well as home automation and security systems. But from a cybersecurity standpoint, these environments are polluted by so many different connected devices with little or no protections.
“Digital distancing” leverages the same philosophy as the current “social distancing” pandemic-related practices. IT security teams play an important role in educating remote workers. A few examples:
- Instruct users to isolate their work-related digital activities to a single, separate network on their home routers.
- Employees need to limit access privileges on their home routers to keep cybercriminals from taking control.
- As much as possible, remote employees need to digitally distance their
from WordPress https://ift.tt/37v960a
via IFTTT
Comments
Post a Comment