InfoSec Insider

Why Your Business Needs a Long-Term Remote Security Strategy

zoom bombing

Chris Hass, director of information security and research at Automox, discusses the future of work: A hybrid home/office model that will demand new security approaches.

When COVID-19 first emerged, companies across all sectors of the economy were forced to rapidly transition to remote work. The goal was simple: Ensuring business continuity in the face of an unprecedented challenge — a challenge that most assumed would come and go in short order.

As vaccines continue to roll out and the world finally begins reopening more than a year later, it appears as though remote work is here to stay. One recent study found that just 9 percent of remote workers want to return to an office full time. Of course, this isn’t to say that in-person work is going away altogether; Apple recently announced that its employees will return to the office three days a week starting in September.

Taken together, the future of work appears to be more of a hybrid model, with some employees working remotely and others working in the office.

Infosec Insiders Newsletter

Unfortunately, many organizations are still operating with the exact same remote solutions they rolled out in March 2020. While these solutions have helped companies keep operations humming along during the pandemic, most were pieced together quickly, with security as an afterthought.

In an age where the average data breach costs $3.86 million and companies can reasonably expect to have some level of a distributed workforce, it is critical to take a proactive stance to security and implement a long-term remote security strategy. Failure to do so could have disastrous effects on your business.

VPNs Are Not Enough for Remote Security

Last year, most companies added or extended VPN solutions in their tech stacks as they transitioned to remote work. But a VPN by itself is not a panacea. When teams are working from all around the world, it can be difficult for security teams to manage every endpoint effectively.

The popular narrative that corporate VPNs are trusted and secure couldn’t be further from the truth. In fact, distributed endpoints tend to be some of the easiest targets for attackers. In some cases, gaining entry to your network is as easy as an employee committing an unintended error.

This begs the question: What mechanisms do you have in place to protect against an employee connecting to an insecure network (e.g., public Wi-Fi), forgetting to connect to your VPN and then clicking a malicious link? What if a member of the team accidentally leaves their laptop in a coffee shop or on a train?

Challenges, Opportunities for IT Teams Ahead

If your organization is still using on-site management techniques to manage endpoints for a distributed team, you’re going to have a difficult time in today’s challenging and dynamic security landscape.

In typical environments, employees can only access networks when they’re onsite or logged in through the corporate VPN. But when teams are distributed around the world, not everyone will connect to the VPN every day, especially when you rely on cloud-based tools like GSuite, Microsoft Office 365 and Slack. If employees are able to get their work done using these services, you’ll have unmanaged corporate endpoints — much to the delight of bad actors.

Luckily, it’s not impossible to overcome these challenges. The best way to do so is by implementing an effective distributed workforce security strategy that won’t have to rely on what network your endpoints are connected to. Instead, all endpoints should be managed whenever they’re on. Some options for doing so include cloud-based patch management, mobile device management (MDM), endpoint and intrusion detection and response (EDR/IDR), antivirus software, endpoint encryption and secure email gateways.

If you’re truly embracing a long-term remote strategy — and you should be, assuming you want to attract and retain top talent — you have to understand that on-prem connectivity can’t be a requirement for tools your workforce needs to be productive and successful.

New Solutions and Strategies for Remote Workplaces

When it comes to implementing purpose-built solutions for distributed teams, IT leaders need to consider every department’s use cases and requirements. You’ll need to weigh the risks of not making any changes against potential impacts to business activity and customers.

First, it’s important to put strategic rollout plans in place to limit potential business impact. You’ll also need to get buy-in from leadership, which will make the change an easier sell to the rest of the team.

As you begin rolling out new security solutions, remember that they are only as strong as the weakest link — which, in most cases, is your end users. By investing in user-education platforms, you can help your team understand common vulnerabilities and threats (e.g., weak passwords), which can return significant dividends.

And finally, in today’s evolving landscape where new threats emerge every day, it’s likely only a matter of time before your systems are breached. So, instead of thinking about what you can do to prevent a breach, you should assume a breach will happen and implement a zero-trust architecture. By treating all vendors as potential threats and implementing least privilege access controls to further secure your systems, you put yourself in a much stronger security position.

Looking Ahead: What Comes Next?

Over the last year, we’ve seen a large trend in attackers focusing on home networks. As teams continue working remotely, it appears this will be the new normal in 2021 and beyond. So what do you do?

Again, assume that end users will always be the weakest link in your security strategy. On one hand, an employee might carelessly forget to log into a VPN and connect to an insecure network. On the other hand, a disgruntled employee might decide to sabotage things from the inside.

You can solve for both scenarios by following best practices and implementing zero trust architectures, least privilege access, and cloud-based security tooling. Since the typical home environment isn’t well secured, security needs to be closer to the workload itself.

The sooner you develop and execute a long-term remote-security strategy that takes all of these factors into consideration, the faster you’ll gain real-time insight and control over your IT environment. With the right approach, you’ll have the peace of mind that comes with knowing your network is secure, and you can invest more energy on the bigger picture.

Chris Hass is director of information security and research at Automox.

Enjoy additional insights from Threatpost’s InfoSec Insider community by visiting our microsite.

Suggested articles