
9/24/2020
10:00 AM
Mike Wronski
Commentary

Since Remote Work Isn't Going Away, Security Should Be the Focus

These three steps will help organizations reduce long-term work-from-home security risks.

The essential shift to remote work meant many companies emphasized connectivity first and security second. Now, organizations globally are struggling to determine what longer-term distributed work will look like and how they will operate. Most companies are accepting that this could be permanent – in fact, a report from Pulse Secure found that 84% of US organizations expect a broader and more persistent remote work adoption after the coronavirus pandemic passes.

However, adopting remote-first work policies comes with security challenges for tech leaders. Some studies have shown that remote employees are less likely to follow security best practices. For example, a Malwarebytes report on security in today's work-from-home environment found that 18% of respondents said cybersecurity was not a priority. And in a report commissioned by (ISC)², nearly one-fourth (23%) of infosec professionals said that cybersecurity incidents experienced by their organization have increased since transitioning to remote work.


To address this concern, security needs to be a priority. Here are the security strategies to keep in mind when transitioning from pandemic to permanent remote infrastructure and how to ensure your team is set up for success.

Adopt a Zero-Trust Approach 
Zero trust is a well-known security concept centered on the belief that organizations should plan their defenses by not trusting anything or anyone, whether inside or outside the network perimeter. With more employees working remotely long-term, a zero-trust approach is necessary to protect users, workloads, and applications that are distributed around the globe.

To begin your zero-trust journey, it's important to consider the following strategies: 

  • Address user identity and establish context. Strengthening your identity and access management (IAM) strategy with unified account management and multi-factor authentication (MFA) is critical to building a context-aware architecture for your organization.
  • Leverage visibility tools to classify data and applications. This involves taking note of how your data is labeled and how sensitive data flows through your network. This step is critical for understanding what good network traffic looks like so that you can write zero-trust policies.
  • Prioritize in-use applications versus legacy. Consider starting with data and applications that the IT teams use regularly and understand well, rather than legacy applications that may not be well documented or that may communicate with other services in unclear ways. This acts as a way of testing a hypothesis to understand how to apply zero-trust policies over time.

Expand Beyond VPN Security 
The abrupt shift to remote work led to a massive spike in employees using virtual private networks (VPN) to remotely connect to company networks. Home users and endpoints are a popular target for malware infections (phishing, malicious websites, etc.), so VPN security has been a major topic of recent conversations. 

A traditional VPN is typically a binary control that allows users access to an internal network once a user is authenticated. However, traditional VPN is not granular enough to meet the needs of today's workplace. If a device falls into the wrong hands, all bets are off. While security/IT teams have taken a more binary approach in the past (user allowed versus not allowed), to adapt to a WFH environment, organizations should adopt a Zero-Trust Network Access (ZTNA) model, which takes into account context, such as the user's role, device and location when assigning access privileges, to enforce stronger security protocols. Many companies are already seeing the value of ZTNA compared to VPN. Gartner predicts that by 2023, 60% of enterprises will phase out traditional VPNs and use a ZTNA model. 
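The contrast between the binary VPN check and a context-aware ZTNA decision, as an added example that is not from the original article. The policy table, application names, and request fields are hypothetical and stand in for whatever an IAM and device-management stack would supply.

```python
from dataclasses import dataclass
from typing import Tuple


@dataclass(frozen=True)
class Request:
    authenticated: bool    # password or certificate check passed
    mfa_passed: bool
    role: str
    device_trusted: bool   # enrolled, compliant, and not reported lost
    country: str
    app: str


# Hypothetical policy: app -> (allowed roles, allowed countries, trusted device required)
POLICY = {
    "payroll": ({"finance"}, {"US"}, True),
    "wiki": ({"finance", "engineering"}, {"US", "CA", "GB"}, False),
}


def vpn_decision(req: Request) -> bool:
    """Traditional VPN: one binary check, then the internal network is reachable."""
    return req.authenticated


def ztna_decision(req: Request) -> Tuple[bool, str]:
    """ZTNA: deny by default, then check identity, role, device and location per app."""
    if not (req.authenticated and req.mfa_passed):
        return False, "identity not verified"
    rule = POLICY.get(req.app)
    if rule is None:
        return False, "no policy for application"
    roles, countries, need_trusted = rule
    if req.role not in roles:
        return False, "role not permitted"
    if need_trusted and not req.device_trusted:
        return False, "device not trusted"
    if req.country not in countries:
        return False, "location not permitted"
    return True, "allowed"


# Constructed scenario: valid credentials presented from a laptop reported lost.
LOST_LAPTOP = Request(True, True, "finance", False, "US", "payroll")
NORMAL = Request(True, True, "finance", True, "US", "payroll")

if __name__ == "__main__":
    print("VPN :", vpn_decision(LOST_LAPTOP))
    print("ZTNA:", ztna_decision(LOST_LAPTOP))
    print("ZTNA:", ztna_decision(NORMAL))
```

The same credentials that pass the VPN check are refused by the ZTNA policy once the device loses its trusted status, and each refusal carries a reason that can be logged.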

Invest in 'Security Operations'
Just as an annual physical at the doctor's office can help address severe issues before they become worse, regular monitoring of the security health of an organization's resources (from apps to networks and data) will help identify issues and strengthen the overall security posture long-term. What's more, a holistic view of your health issues allows a physician to deliver more effective care to meet your needs. Similarly, an end-to-end view of your organizational systems eliminates silos and allows more effective visibility into security needs. With remote teams leaving companies more vulnerable, organizations should invest in dedicated teams and tools that will continuously monitor their security health within a platform that allows holistic visibility, like hyper-converged infrastructure.

Ultimately, strong security measures begin with a robust infrastructure foundation that provides a defense-in-depth approach to security. Defense should be woven into every level, from platform security, to application and network security, to multi-cloud security. In today's traditional environment, infrastructure stacks are composed of products from multiple vendors, and validating a security baseline can be a time-consuming and error-prone manual process.

Hyperconverged infrastructure (HCI) reduces complexity and increases visibility by simplifying the hardware and software stack required to deliver the performance and reliability needed for modern applications. An additional benefit of removing complexity with HCI is that, with fewer operational silos, the application of security best practices is also simplified.

To make the greatest impact, also consider network monitoring tools with anomaly detection. Instead of just looking at endpoints, perimeters, and firewalls for threats, anomaly detection looks at the entire network to uncover possible issues. This approach gives security teams constant tracking and the ability to automate the identification of unconventional data patterns, such as ones that may indicate a threat. Taking a proactive approach to your security health means auditing existing resources and infrastructure, identifying systems that do not meet best practices, and ultimately, leveraging solutions to help you catch potential threats.
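An added example, not from the original article, that ties the earlier advice about learning what good network traffic looks like to the anomaly detection described above: it builds a baseline from observed flows, then denies unseen flows and alerts on unusual volume. The flow records and service names are constructed, and the deviation threshold is a simplifying assumption standing in for a monitoring product's own model.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (day, source, destination service, bytes transferred)
BASELINE_FLOWS = [
    (1, "hr-app", "payroll-db", 1200), (2, "hr-app", "payroll-db", 1100),
    (3, "hr-app", "payroll-db", 1300), (4, "hr-app", "payroll-db", 1250),
    (1, "web", "orders-db", 5000), (2, "web", "orders-db", 5200),
    (3, "web", "orders-db", 4900), (4, "web", "orders-db", 5100),
]
NEW_FLOWS = [
    (5, "hr-app", "payroll-db", 1180),   # matches the baseline
    (5, "web", "payroll-db", 900),       # pair never observed before
    (5, "web", "orders-db", 48000),      # known pair, unusual volume
]


def build_baseline(flows):
    """Return {(src, dst): (mean bytes, std dev)} for every observed pair."""
    per_pair = defaultdict(list)
    for _day, src, dst, nbytes in flows:
        per_pair[(src, dst)].append(nbytes)
    return {pair: (mean(v), pstdev(v)) for pair, v in per_pair.items()}


def classify(flow, baseline, z_limit=3.0):
    """Deny flows outside the baseline; alert when volume deviates sharply."""
    _day, src, dst, nbytes = flow
    if (src, dst) not in baseline:
        return "deny: flow not in baseline"
    mu, sigma = baseline[(src, dst)]
    # Floor sigma at 1 byte so a perfectly constant baseline still tolerates noise.
    if abs(nbytes - mu) > z_limit * max(sigma, 1.0):
        return "alert: volume anomaly"
    return "ok"


def review(new_flows, baseline_flows):
    """Classify each new flow against a baseline learned from earlier flows."""
    baseline = build_baseline(baseline_flows)
    return [classify(f, baseline) for f in new_flows]


if __name__ == "__main__":
    for flow, verdict in zip(NEW_FLOWS, review(NEW_FLOWS, BASELINE_FLOWS)):
        print(flow, "->", verdict)
```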

COVID-19 has not only changed the work environment today, but it has also impacted the way organizations are thinking about work from home – with more than half (55%) of executives surveyed by PwC claiming they will offer flexible workweeks with remote work options. As companies come to terms with the likelihood of a permanent distributed workforce, the need to secure remote-work environments becomes paramount. To reduce the security risks associated with remote work over the long term, organizations should consider adopting these security steps. 

As a Technical Director of Product Marketing for virtualization, networking, and security at Nutanix, Mike Wronski brings more than 25 years of industry experience to his role. Mike's career has spanned both vendor and practitioner roles via multiple technology startups and ...
 
