How to deal with the challenges of cyber security and remote work

Remote work is the new normal. The boundaries of an enterprise now extend from the data center right to the living room. Organizations are faced with a myriad of cyber security challenges that accompany this new situation. Here is an overview of why working from home presents such significant challenges, and how you can implement an effective cyber security solution for your organization.

VPN: an outdated approach to growing cyber security challenges

Organizations have been dramatically affected by the global pandemic. Shifts in worker mobility and accelerating changes in the definition of work are prevalent. Yet many enterprises still use outdated VPN technology to route all traffic through the corporate network before delivering it to any cloud-based application.

This legacy technology approach degrades performance to such an extent that users seek ways to bypass security and access the applications directly.

A large number of employees now operate outside the perimeter and beyond the traditional firewall. Companies need to find ways to protect their assets, as well as monitor, control, and remediate threats in places that seem difficult or impossible to manage.

Cyber security challenges and lack of preparedness

Few enterprises are prepared to enable remote access for all employees at once during emergencies such as the COVID-19 crisis. Solutions such as a cloud access security broker (CASB) or zero-trust network access (ZTNA) could resolve these issues.

Alternatively, users could be allowed to securely access those applications outside of the corporate network. An access management (AM) tool, such as Okta, can enforce additional corporate controls if a CASB is being used.

 


Tollanis recommends that all enterprises and SRM leaders pilot and deploy multi-factor authentication (MFA) for any kind of remote access. The key to cyber security success is technology and policies that are tailored for deploying modern high-volume remote access.

We believe that enabling the right solutions, as well as empowering and training your employees, is essential. This will create a business climate and tool set that will allow your organization to:

    • React faster
    • Engage opportunities sooner
    • Get to market quicker

This can be achieved without the fear and cumbersome technologies of the past. The need to “lock down” your environment and hermetically seal it off from the world is a relic of the past. In the hyper-connected world of cloud, data, mobile and AI, cyber-security is an enabler, not a speed bump to business success.


 

1 – Evaluate and gather requirements before you start looking at technology solutions

We often see organizations buying and implementing technology solutions without first knowing exactly what the end users require. It is important to understand that in any technology solution, people are always going to be your weakest link and the most susceptible to cyber threats.

These realities lead to poor performance and even potential security vulnerabilities. Organizations need to evaluate and consider:

Who are the users and what is their job function?

Not all users are equal. Some users, such as executives, mission-critical employees, and those who have intense data analysis needs, may require more bandwidth than an average user who simply checks email.

What kind of device is being used and who owns it?

Usability and security vary widely across the universe of devices. A corporate-owned PC is much easier to secure than a personally-owned smartphone.

What kind of applications and data do users need to access?

Are these applications and data located on-premises or in the cloud? For example, for users who only need to use dedicated SaaS applications, an always-on VPN to the corporate network would deliver poorer performance. Using an access management tool, or a CASB with (or without) an AM tool, is a much more effective option.

Where in the world is a user located?

A wide array of data security, labor, and privacy laws spread across countries and local jurisdictions complicates offline data storage choices.

2 – Identify your use cases

As you ask questions and develop use cases, end users can be put into different service offerings. These include cloud-only, remote user or highly regulated and secure. IT can then build the appropriate technology required to meet these use cases.

Most enterprises will typically have at least two or three main use cases, and other policies can be based on these. But there will always be outliers, so technology leaders need to ensure that company policies and security frameworks remain flexible. These should allow for ever-evolving business needs and for the one-off use cases that may need to be addressed.

Remote workers are particularly susceptible to phishing and traditional cyber security threats. This happens because so much occurs on the same device and connection. Data, email addresses and multiple web sites are commingled, and work and leisure activities are often conducted at the same time. This opens the opportunity for even the simplest security threats to gain a foothold on the extended enterprise and breach your perimeter.

3 – Consider your connection requirements

Before evaluating individual remote technologies, it is important to understand the current status of any existing remote access deployment. You should also consider the environment and demands that the connection solution is answering.

 


4 – Select the right cyber security product for your use cases

Even if there is an existing, workable product in place today, it still may not be optimal for providing the best experience for all users. This is especially true at the scale required to support everyone during a crisis.

We have built our business upon ensuring that existing tools and technologies are leveraged, integrated and used in the most cost-effective way possible. Several variables dictate whether multiple products need to be deployed.

These include:

    • Users’ job functions
    • Types of devices they need to use and who owns the device
    • Applications and data they need to access and where that data is stored
    • Geographic location of the user

5 – Implement remote work policies and compliance

As discussed, people are always the weak link in our cyber security solutions. Ensuring that the policies you create are understandable, implementable, and measurable for compliance is critical. Enterprise tools such as Splunk can allow you to provide real-time monitoring and data collection on policies.

End-user policies are critical to the successful execution of any cyber security initiative. Constant care needs to be given to adjusting, evaluating and tracking the effectiveness of, and adherence to, the policies you create.

Creation and approval of these policies should include critical and key stakeholders. These include human resources, legal, security, compliance, labor unions/workers councils and executive leadership. The end user should physically sign all policy documents. A click-through online agreement is not sufficient. Electronic signatures are an easy and efficient way to enable the execution and signing of these policies.

The policies should also be written in simple local language. Avoid any legal terminology. If this is an urgent issue, legal counsel should still vet the policy, and employees should still physically sign the document as soon as possible.

We can assist in creation and enablement of these policies, which tend to be tedious and time consuming to create.

6 – Identify the cyber security gaps and risks

The old adage in cyber security always holds true. It is not a matter of if you will have a breach or security incident, but when and how severe.


All technologies and policies are only as good as the ability to test, evaluate and simulate real-world scenarios of remote worker use cases. Tabletop exercises with real-world users and stakeholders are a great way to validate processes, organization, and security technology responses and remediation. They provide real-world feedback that can be incorporated into the continuous improvement of the security environment life cycle.

 

Stephen Smith – Founder and CEO of Tollanis Solutions, is a serial entrepreneur and career CIO, leading technology change for Fortune 500 organizations in healthcare, home building, retail, automotive and financial services.



 

 


Definitions of common cyber security terms


What is Cyber Security?

Cyber security, also known as IT security or computer security, is defined as the practice of defending devices, software and systems from malicious cyber activity. Such malicious activity may include threats such as malware, denial-of-service attacks, phishing and spoofing. This activity is designed to misappropriate data, including customer personal data and trade secrets, or to disrupt or damage systems or services.

What is Zero Trust Network Access?

Zero trust is a cyber security concept that relies on user-identity management and secure processes and technologies rather than on traditional network-centric perimeter enforcement. These measures can be applied directly to organization-wide resources, no matter where they’re located.

What is Multi-Factor Authentication?

Multi-factor authentication, as the name suggests, is an authentication method that relies on the presentation of two or more pieces of evidence by a user in order to gain access to an application or system. The authentication mechanisms must be from different categories of factors, which are as follows:

    • Knowledge factors – something the user knows such as a password
    • Possession factors – something the user has in their possession such as a device
    • Biometric factors – something that is physically part of the user such as a thumbprint

What is Unified Endpoint Management?

Unified Endpoint Management or UEM is a strategic approach to network security and efficiency. It manages a broad range of endpoints from a centralized platform. These endpoints, which can include computers, smartphones and IoT devices, create a broad “attack surface” of vulnerabilities that must be managed diligently. UEM is particularly relevant for Bring-your-own-device (BYOD) management, role-based device management, compliance-driven management as well as enterprise PC management.


Cyber security acronyms and glossary terms you need to know

    • VPN – Virtual Private Network
    • ZTNA – Zero Trust Network Access
    • CASB – Cloud Access Security Broker
    • VDI – Virtual Desktop Infrastructure
    • DaaS – Desktop as a Service
    • IaaS – Infrastructure as a Service
    • EPP – Endpoint Protection Platforms
    • MTD – Mobile Threat Defense
    • UEM – Unified Endpoint Management
    • CMT – Client Management Tools
    • MFA – Multi-Factor Authentication
    • MDM – Mobile Device Management