By Bill Smeltzer, CSO
JULY 27, 2020 —As we discussed last month, security continues to emerge as a core challenge for organizations, particularly in recent months. In the blink of an eye, the world became more digitally connected than ever, which drastically increased the risk of cyberattacks. The vast constellation of remote offices, all tapping into their corporate networks from home computers and networks, has left organizations with a new attack surface to contend with.
Much as we’d all like to return to business as usual—the way things were before the world was pummeled by a global pandemic of epic proportions—it’s become clear that the remote workforce model will continue, to some degree, well into the foreseeable future. While many of the kinks of the work-from-home (WFH) model have been largely ironed out, the question still remains: how can organizations secure remote working practices while ensuring critical business functions continue to operate seamlessly and without interruption?
Here are three steps you can take to secure your network infrastructure:
1. Ensure end-user awareness training and communication:
Most WFH employees aren’t thinking about the security implications of working from a remote office. They are thinking about completing their own job function, possibly while juggling a myriad of distractions going on behind the scenes. Now is the time for CTOs and CISOs to raise employees’ awareness about security and the critical role they play.
Consider initiating e-learning or web-based training around the new landscape of scams and phishing campaigns being deployed by malicious actors, with clearly defined best-practices to combat these threats. To coincide with training, you might want to update security policies to ensure consistency across the organization.
Additionally, be sure to partner with your communications team to ensure security updates are incorporated into your organization’s internal communications strategy. These communications might include updates on the latest phishing scams, tips on how to avoid falling victim, and reminders to report suspicious emails or files that cross their desk (or rather, laptop).
2. Secure the home office:
Keeping employees in the know is only one piece of the puzzle. It must be accompanied by a level of accountability by employees to limit the security risks their home systems pose to the company. The good news is, it doesn’t have to be overly complex.
- - Implement a multifactor authentication
- - Encourage employees to use strong passwords (e.g. symbols) for apps and accounts
- - Require antivirus software on personal computers being used for work-related tasks
- - Make it clear that work computers are not to be accessed by family members
- - Institute monitoring protocols to ensure stringent security compliance
- - Consider SD-WAN technology to get more visibility into the home network
3. Up your network security game with next-gen technology and continuous monitoring:
Your network security efforts are only as good as the technology powering them. As cloud-based collaboration tools continue to be deployed across the remote workforce to facilitate a cohesive virtual team, hackers have been given a new opportunity to hack your sensitive data now that it resides in a less secure remote workplace.
Organizations need to be able to detect and respond to suspicious behavior instantaneously. Threat detection and response capabilities must include advanced capabilities supported by next-generation firewall technologies, automation and AI. While many organizations are choosing to manage their network security in-house using client-owned software, others are turning to MSPs to take the now-growing burden off their shoulders. With cloud-based, as-a-service network infrastructure solutions like Focus IT SecurManage, businesses can turn their network security over to security-trained experts who will deliver comprehensive end-to-end network security that will prevent emerging threats.
Today, businesses can’t afford to take their eye off the security ball, even for a second. That’s how long it takes for a hacker to find a vulnerability and seize the opportunity. The truth is, even the most highly sophisticated organizations have been caught off guard by the bizarre and unforeseen circumstances of the past several months.
As the landscape of technology continues to shift and move, new cyber risks are emerging every day. Organizations need to make sure they’re in a position to better understand, prevent and manage them.
To learn more about what you can do to protect your organization, click here.