3 Key Principles Businesses Must Keep In Mind When Securing the Remote Workforce
By : Evan Dumas | Friday, October 16 2020 - 17:00 IWST
Evan Dumas, Regional Director, Southeast Asia, Check Point Software Technologies (Photo by LinkedIn)
INDUSTRY.co.id - You have probably heard how Facebook expects half of its workforce to keep working remotely over the next five to ten years, and how Twitter told its staff that they can work from home forever if they wish. No doubt, this is a new working model as a result of the pandemic. It is different from what we are used to, but it is here to stay.
However, shifting to remote working overnight is not a simple task. While digital transformation and remote accessibility have been gaining traction over the past decade, there were very few organisations that were prepared to go ‘fully remote’, and do so practically overnight.
With the move to remote working, threat actors have been taking advantage of these rapid and widespread changes. This has left organisations more vulnerable than ever to cyberattacks. As we all work from home, our security awareness goes down. Therefore, it is critical that organisations take steps to secure the remote workforce to avoid falling victim to the next cyberattack.
Here are 3 key principles businesses must consider:
1. Complete Security Protection
As the saying goes, it takes only one match to set a forest on fire. The same goes for cyberattacks. This is why it is crucial to eliminate any potential security gaps. Employees should be completely protected from all imminent threats and across every platform, including endpoints, mobile devices, cloud email (e.g. Office 365, G Suite), collaboration apps (e.g. SharePoint, OneDrive, Teams, Google Drive), and the many others that businesses use on a daily basis. Being complete also means being able to secure the remote workforce against 3 main threat vectors:
Phishing: Phishing is a big problem, with more than 80% of breaches involving the use of credentials that were lost or stolen via phishing.
Malware: At best, antivirus software blocks only 43% of the malware strains currently in the wild. This means that most variants can still get into your network. That is about 8,500 unknown zero-day threats worldwide per day. That is why it is important for your malware protection to be able to prevent both known and unknown malware.
Data leakage: Even though data leakage is not an attack per se, it is a huge threat. Employees can unintentionally, or sometimes intentionally, leak sensitive data outside the organisation. This is where data protection comes into play. Data protection should be deployed on endpoints, mobile devices, cloud email, and productivity suites.
2. Prevention First Strategy
Businesses should think about preventing attacks before they happen, not just detecting them. A prevention-first strategy is one of the most effective ways to avoid a financially devastating data breach. Traditional security solutions that use signatures and rule-based analysis are focused only on detecting threats. However, in order to win the cybersecurity battle, a prevention-first approach is needed, and it can be accomplished with 3 main principles:
Implementing real-time threat intelligence: For a prevention-first strategy to work, threat emulation verdicts need to be reached fast. To this end, real-time threat intelligence, fed by intelligence sensors, can quickly determine whether a file or link has already been deemed malicious.
Leveraging AI-based threat prevention technology: When indicators of compromise (IoCs) do not exist for a suspicious email or file, organisations can vet risky documents and messages using the power of data science. Because of the velocity of malware and phishing evolution, there is an increasing number of devices and technologies that need protection, and a huge amount of data to process. All of that combined makes it impossible for human-created models to provide comprehensive, up-to-date protection. This is why we need AI, which can analyse millions of parameters like no human being can.
Adopting a Consolidated Security Architecture: By combining the power of shared threat intelligence and AI with a security architecture, organisations can prevent attacks across all attack vectors uniformly. For example, if an employee receives an email with a link on their mobile device, and clicks on it, the shared threat intelligence begins working in the background. The URL undergoes payload path and domain analysis to determine whether it is safe. If it turns out that the link on the employee’s smartphone was malicious, it will be instantly blocked, preventing the employee from accessing the website. The threat data is then immediately shared across the entire IT environment.
3. A User-Friendly Solution For All
What is the point of an all-encompassing security solution if it is so complex that nobody knows how to use it? Organisations should consider the user-friendliness of the solution for their employees and admins. It also has to work seamlessly with their current tools, systems, devices and work environment, and should be efficient to deploy and quick to deliver results. In addition, businesses should take into account the flexibility of the solution to meet the needs of the business and to support specific vertical compliance requirements and privacy concerns.
Shifting to accommodate a remote workforce is no easy feat. However, organisations need to revisit and adapt their security plans in order to ensure that their businesses are safe in the new normal.