(Updated 10/20/2020)
As I sit down (in my home office) to write this, I am hyper-aware of the rash of vendors using the current global health emergency to pitch their wares, so let me begin by sharing the same “Priority No. 1” that I have shared with my team: the health of you, your family, your co-workers and your community. Please listen to the real experts and respect their recommendations around social distancing, hygiene and travel.
After several customer conversations this past week, I also want to share some recommendations from security leaders I greatly respect. My hope is increasing understanding across our industry of how to best face this highly unique challenge. I believe the IT industry—vendors and practitioners—have an opportunity to deliver a kind of workplace resilience never before available to the global economy.
Themes related to “The Future of Work” have helped define modern approaches to Insider Threat Management. They have been the driving force behind the growth of my company, both in its previous incarnation as ObserveIT and now as the Insider Threat Management business unit at Proofpoint.
The “gig economy,” the rise of knowledge workers, cloud-connected workers, the globalization of the workforce and changes in office culture have all changed the relationship between employees and enterprises. These trends have also posed unique challenges for IT security organizations tasked with managing a fast-evolving threat landscape where people are the new perimeter.
All of these themes and trends have accelerated in the last few weeks at a pace that no one could expect. As the world adapts to this new reality, modern IT must step up and deliver a level of workplace resilience that has never before been demonstrated. It’s more important than ever to ensure that security teams can detect and respond to behavior that is outside of security policy or expected work activity.
Here are five recommendations for meeting the security challenges posed by the new widespread work-from-home reality.
- Refresh training on security policies and best practices
Security starts with an educated user base. Remote employees working with new access tools such as VPNs and zero-trust network access tools are more prone to making negligent mistakes. That's especially true as they, by necessity, mix work with home life. Now is a good time to refresh security awareness training programs.
- Limit remote workers’ access to only the applications and information they need
While this step is a cornerstone of any insider threat program, it becomes even more important when workers are remotely accessing sensitive systems and data—sometimes with less control over the endpoint and the network they use. If your enterprise has not already done so, now is the time to deploy and enforce a policy of least privilege access across your entire workforce.
- Test your secure remote access strategy
Protecting connectivity to corporate applications and data is fundamental to securing remote workers. This is true whether using a traditional VPN or modern software-defined perimeter. Access and endpoint security must address the needs of a workforce striving to stay productive while working from home. Learn more about our complimentary offer to help secure your remote workforce.
- Leverage multi-factor authentication as broadly as possible
Protecting access to data and resources with multi-factor authentication (MFA) is a necessary failsafe, even when connecting from protected endpoints. As remote workers are connecting from either BYOD or sanctioned endpoint devices, the risk of credentials being compromised increases. Ensuring that sensitive applications and infrastructure remain protected with a strong authentication strategy becomes even more important in today’s distributed work culture.
- Ensure visibility across broadened footprint
As new endpoints come online—whether physical or virtual—you need visibility into all of them. Workers are still adjusting to a new online work paradigm. They are more vulnerable to improperly managing sensitive data and potentially more vulnerable to being compromised by outside actors. So enterprises must endeavor to have visibility across the broader footprint of endpoints in their organizations today.
Admittedly, some of these recommendations are the bread and butter of modern security programs. But now is the perfect time to reassess your enterprises security policies and strategies from the perspective of a widespread work-from-home reality. Consider it a necessary response to our changing circumstances.
Best wishes for resilience to your organization and most important, health to you and your teams.