As 2020 began, security leaders were already abuzz about the data security for the growing remote workforce. Fast forward to today, and nearly half of the U.S. labor force is now WFH full time. A recent study by OpenVPN shows 90% of IT and Security pros believe that remote workers are not secure — and 70% say remote workers are a bigger data security risk than onsite ones. Here’s a quick look at how some of the most forward-thinking Security teams are addressing this growing challenge.
The remote work shift is here to stay
With the pandemic hitting a fall/winter surge, many companies are now targeting summer 2021 for their return to in-person work. And 3 in 4 U.S. office workers say they’d rather not return to the workplace even after restrictions are lifted. More than 4 in 5 company leaders plan to continue allowing remote work going forward. And it’s not just the tech companies: Nationwide Mutual Insurance Company in the U.S. and Barclays in the UK both recently announced that most employees in most locations will permanently shift to remote work.
Your users can help — but there’s still a blind side
Remote work setups often introduce data security risks because of less secure home networks and personal devices. Getting a more secure remote work setup isn’t impossible, and the burden doesn’t all have to fall on IT and Security teams. But even if users follow every policy and best practice, there’s still an enormous amount of corporate data now living and moving well outside the traditional perimeter — and that means it’s also well outside the view of Security teams (at least via conventional data security tools). That blind side becomes even more glaring when you consider that only about 10% of remote employees regularly use the corporate VPN — and two in five say they’re accessing confidential work information through unsecured, unsanctioned applications every day. In other words, around 90% of your users’ file activity is now happening off-network and out of view. That’s where Code42 Incydr can help.
Code42 Incydr secures data in the age of remote work
Code42 Incydr data risk detection and response uses an endpoint agent and direct cloud connections to monitor file activity from all of your users — regardless of where they happen to be working. That means remote employees don’t have to be on VPN for their file activity to be monitored. With Incydr, Security teams can get simple visibility across their remote users and a rapid, clear signal of serious risks in just five steps:
1. Define your remote work boundaries.
All you have to do is create a list of your trusted corporate IP addresses. Incydr automatically identifies any file movement, creation, deletion or sharing — including web uploads, USB, Airdrop and cloud-sync activity — from outside that list as remote or off-network. Employees do not need to be on VPN for their file activity to be monitored.
2. Monitor off-network activity on the Incydr dashboard.
The Incydr dashboard gives you an at-a-glance view of the remote file activity you need to be aware of.
3. Prioritize your high-risk remote users.
The Incydr dashboard also gives you a prioritized list of the remote workers whose file activity may require additional investigation and scrutiny.
4. Generate alerts you can trust.
Incydr automatically filters out trusted activities to only show activity that indicates potential risk, giving you a clear, high-fidelity signal of risk.
5. Get the context you need to respond quickly.
When activity does trigger an alert, Incydr shows you the user and IP address in question, and you can view a 90-day historical view of all activity in a user’s profile. This helps you investigate and respond rapidly — whether that means further employee education, automated SOAR action, a corrective conversation or legal action.
You can secure remote work — without stifling remote workers
The remote work shift is largely here to stay. But just because your users are working off the corporate network doesn’t mean you still can’t keep them, and your data, safe. With Code42 Incydr, you can keep tabs on when and where your data is going — without restricting where or how your employees want to collaborate and work. And you can get a clear, high-fidelity signal of risk, with the context you need to respond rapidly — before damage is done.
Stay tuned for the next installment in our Code42 Incydr Series, where we’ll cover how Incydr gives you unique capabilities to manage another of your biggest data security risks: departing employees.