Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:30 AM
Matthew Gyde
Matthew Gyde
Connect Directly
E-Mail vvv

Keep Employees Secure, Wherever They Are

As workers grow more dispersed, organizations need to focus on three areas to maintain security.

Nearly 80% of professionals work remotely at least one day a week, and 1.55 billion others are expected to work outside the boundaries of the corporate office by 2020, according to Frost & Sullivan research. This shift to a mobile workforce is causing technology disruption because remote workers require different solutions and infrastructure, which can increase vulnerabilities. 

The security challenges aren't only the result of more employees working outside of the corporate office, but also the number of devices used by each individual. The same Frost & Sullivan report forecasts that more than 80 billion connected devices will be in use globally by 2025 — a staggering figure! Work has shifted from a place people go to daily to something people do, and as such, businesses need to be flexible, but not so flexible that their data and devices become security risks.

Cyberattacks have shifted as well, becoming less detectable by exploiting encryption and commonly used files. Malicious traffic is sent through encrypted HTTPS protocols, and malware increasingly uses transport layer security. Offices that don't upgrade their security tools and perform deep packet inspection on corporate Internet traffic will become a handy target for stealthy attacks. New attack methods are becoming progressively more common — such as pharming, in which links redirect users to fraudulent sites; vishing, the collection of personal information during a call; and smishing, where users receive texts with fraudulent links.

3 Areas to Focus Security Efforts
To properly secure the distributed workforce, it's best to focus on multiple areas. This allows organizations to place requirements around devices, applications, and network.

1. Devices are more than just laptops. Keeping employees efficient means the use of multiple devices — up to four tools each day, including cellphones, laptops, and wearables. And the rise of wearables opens a new enterprise security frontier. IT must secure these newer devices, especially because analysts predict that smart glasses and smart watches will see a high rate of enterprise adoption in the coming years. For these newer gadgets, IT can look to dynamic technologies, such as biometrics and GPS, and the type of information being accessed to authenticate the user rather than relying on static passwords.

Additionally, "bring your own device" (BYOD) policies continue to be a problem when it comes to data leaks. A well-designed BYOD plan that includes wireless LAN controllers and access points, a lightweight security mobility client, and robust identity services will help minimize device risks. Today's lightweight agile identity technologies use sophisticated cryptographic algorithms to locate security threats. As these solutions evolve to include geolocation and geosensing programs, identity management will become an important part of the security framework.

2. Newer generations demand flexibility. Generation X and millennial employees grew up with mobility solutions such as broadband, Wi-Fi, laptops, social media, and smartphones. They expect instant access to information from anywhere. The result is a new corporate structure rooted in flexibility and a dispersed workforce that demands collaboration software solutions and secure network connections.

The problem arises as remote access across unsecured wireless or LTE networks opens companies up to man-in-the-middle attacks, malicious apps, corporate espionage, and more. Even traditional applications such as Word and PDF documents create havoc when malicious codes are scripted into these files and then downloaded by unsuspecting users, ultimately launching a ransomware virus.

Cloud-based applications provide flexibility for mobile workers but also create issues because cyberattackers can hack in to steal user credentials, intercept data in transmission to the cloud, or access unencrypted files. An ideal way to protect against these threats is to extend security to the DNS through a cloud-delivered network security service. Predictive cybersecurity intelligence with live graphs of global DNS requests, along with other relevant information, can protect enterprises from attacks and assist in predicting future threats. This type of protection should also cover any off-VPN device and block the additional threat of malware, phishing, and other cyberthreats. Implementing cybersecurity operation centers for real-time monitoring of threats and security solutions can be useful, especially for remote workers.

3. Social media security education needed. LinkedIn, Twitter, Facebook, and other social media sites are very popular, especially among younger employees. And these platforms are also popular among cyberattackers. All employees need to be educated regarding personal information, such as birthdates, email addresses, and company names, that should and shouldn't be divulged online. Cyberattackers troll these sites to collect data and create targeted phishing attacks or use it to stalk or bully victims.

The best line of defense against cyberattacks for the mobile workforce is to take a more predictive stance. For instance, enterprises can create a "red team" — a group that challenges organizations to become more effective — to proactively hunt cyberthreats, improve security strategy, and train analysts with regular cyberdrills. And when was the last time your company ran a vulnerability assessment on its larger network and VPN,or a penetration test across its cloud solutions? Both evaluations can be used to identify critical gaps in the IT and operational technology environments. Finally, educating the mobile workforce about the dangers of unsecured wireless networks, social media hacking, and device usage will be the best line of defense for all companies.

Related Content:

Matthew Gyde is a group executive for the security business unit at Dimension Data, an ICT solutions and services provider. He joined Dimension Data in 2005, having been in the security industry for the previous 10 years in various roles across clients and service providers. ... View Full Bio
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
4/4/2017 | 9:22:41 AM
Pitfalls of Working Remotely
I believe that the number of people who work remotely is growing rapidly, and employers should pay more attention to the security of these colleagues. While it's hard to track someone's private computers, companies should know that their secret info won't be revealed for sure. Thus, there are some pitfalls for companies that should be overcome
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts
Jai Vijayan, Contributing Writer,  12/5/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-12-11
Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via the embeddedAuthRedirect page.
PUBLISHED: 2019-12-11
Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() function in flex.c via a crafted BASIC source file.
PUBLISHED: 2019-12-11
On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets.
PUBLISHED: 2019-12-11
The VisualEditor extension through 1.34 for MediaWiki allows XSS via pasted content containing an element with a data-ve-clipboard-key attribute.
PUBLISHED: 2019-12-11
MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page.