Authored by: John Matthews, CIO, ExtraHop
Earlier this year, organisations across Singapore shifted to remote work to safeguard the health and safety of employees while minimising disruptions on operations. With most employees working from home, remote working tools such as video conferencing software and collaboration applications became central in ensuring business continuity amidst month-long lockdowns. While offices have started to reopen, it is quite clear that remote working is here to stay. To support organisations transitioning to remote work setup, the Infocomm Media Development Authority (IMDA) and Enterprise Singapore pre-approved remote working solutions that come bundled with laptops, with up to 80 per cent subsidy from the Productivity Solutions Grant (PSG) until the end of 2020.
With the new realities organisations are facing today, IT and security teams are confronted with an enormous task of translating large-scale and rapid digital transformation efforts that have taken place in the last few months to long-term remote work processes and policies.
Here's how organisations can maximise their remote work strategies for the long haul:
A balanced view of accessibility and security
Preparing the organisation for future disruptions is a daunting task. To accomplish this, companies need to ensure that there is a balance between efficiency and security. IT teams need to implement long term remote work solutions that enable the ease of access to company resources while ensuring network security.
Employees accessing corporate resources over insecure connections have inevitably expanded the attack surface. As cyber threats are getting more sophisticated, IT teams need to implement strong measures to give network access to employees without compromising security. Additionally, hackers are moving between machines before triggering an attack. Therefore, it is important not only to protect the individual endpoints but also to detect intrusions as early as possible to minimise the impact.
Effective use of virtual private networks (VPN) and virtual desktop infrastructure (VDI) play a key role to mitigate security issues and performance problems. Enabling visibility across the VPN delivery chain helps identify performance bottlenecks at the gateway, monitor IT delivery performance and make adjustments in resources allocation, if needed, and detect unusual behaviours in the system.
Security teams must be able to identify the locations from which users are remotely connected, which remote access applications are being used and the behaviour of the user accounts. With the rise in IP camera breaches, users need to realise that vulnerabilities in such technology can allow attackers to access users' email credentials, and even bypass entire authentication process to directly interact with the device. To implement stronger security measures, failed logins and repeated lockouts should trigger an alert that an attacker might be trying to get in from a compromised user device.
Shore up your weakest link: People.
Remote workers and their security habits may leave an organisation vulnerable to cyberattacks. Employees may access the company network from a personal device that is irregularly updated - potentially leaving old vulnerabilities present, and protected by a weak password. Adversaries are also trying to exploit people's fears around COVID-19 as shown in the spike of phishing and email scam attempts as of recent. The human factor still stands as the weakest link in the IT security chain, and organisations need to build defences around that fact. To empower the users to defend themselves and the enterprise against security threats, precise and timely communication is vital. Employees need to be informed about the necessity of patching and updating their machines, choosing strong passwords and resetting them regularly, enabling multi-factor authentication where possible and providing ongoing education about the kinds of threats arrayed against remote workers.
Migrate towards the cloud
The recent wave of disruption should prompt enterprises to migrate towards the cloud as a way to simplify network access. By pushing applications and workloads to the cloud and leveraging cloud technologies such as Software-as-a-Service (SaaS), enterprises can enable remote working and secure access for the long term.
Recently, cloud providers have been enabling access to visibility tools and adding built-in security as part of their offerings to address security risks and issues. With developments in cloud solutions, many organisations are accelerating the adoption of cloud infrastructure and services, which substantially lessens or altogether eliminate the need for employees to connect to the corporate network.
Blurred borders in the age of remote work
IT teams were previously focused on perimeter walls to strengthen the company's IT security posture. There was an assumption that data and employees stayed in the office and one could draw a neat line around a network and set up defensible walls where its borders lay. With businesses implementing remote work arrangements, data cannot be confined within the four walls of offices anymore. However, many enterprises still rely on the infrastructure that this mindset built, which impedes many businesses from smoothly transitioning to remote working.
Moving forward, employees must be able to access enterprise resources securely and seamlessly using Desktop-as-a-Service and virtualisation tools from their workstations at home. In the event of a crisis, businesses should be able to activate business continuity plans that ensure access to critical applications and data from the cloud.
IT teams should also have complete visibility across the network to tackle performance bottlenecks and address perceived security threats immediately.
The age of remote work is upon us. Enterprises need to accept the porous nature of modern networks and shift away from prevention and protection and move towards the detection and response security model.