Search
Close this search box.

Blog

Remote Working & Security Challenges

Samir Desai examines how recent world events have put remote working and its security implications at the top of the ICT agenda. His security playbook offers up tactics for protecting end-users.
October 9, 2020

Remote Working & Security Challenges

Let's face it - remote working is here to stay. What was a distraction and an afterthought for ICT managers at the end of last year is now an integral part of any go-forward enterprise networking environment. The benefits of enabling a remote, borderless and telecommuting workforce are obvious in terms of employee well-being and maximized productivity. Prospective employers now look to offer flexible, remote working as a real benefit to attract the best talent.

Most IT teams have built their security infrastructures over the years specifically to protect enterprise networks and the information within them. With the sudden rise in remote working, corporations needed to rely on Virtual Private Network technologies for employees to continue to be able to gain access to enterprise networks from outside of the traditional office LAN environment.

Remote working is here to stay. What was an afterthought for ICT managers at the end of last year is now an integral part of any go-forward enterprise networking environment.

Unfortunately, cybercriminals also continue to develop new and sophisticated ways to take advantage of increased remote mobility in order to gain access to networks and valuable data. The volume of cyber incidents targeting newly remote employees through email phishing tactics and compromised end-user devices has reached record levels.

A typical home working environment can be a localized mixed-use network of corporate devices, highly insecure IoT or personal devices and shared accounts. This offers an ideal foundation for the potential exfiltration of company data and other nefarious cybercriminal activity. As a result, the so-called "attack surface" has increased substantially with the growth of remote working. This brings with it a whole new set of challenges in the war against cybercriminal activity with secure remote networking and risk management becoming the primary imperatives.

A secure remote working playbook

Here are a few tactics to consider when it comes to protecting remote end-users — and, by extension, the enterprise business:

  1. Education: The single most important element in keeping confidential data safe is remote user awareness. Keep employees informed, not only about what they should do, but also about why they need to do it. A handbook should include best practices such as enabling two-factor authentication and requiring VPN login to apps and programs containing sensitive information. Consider defining an Acceptable Use Policy (AUP), so employees know what websites, apps and networks are permitted for accessing data, to avoid potential threats.

    The single most important element in keeping confidential data safe is remote user awareness.

  2. Permissive access: Another risk area is how to implement and manage corporate policies that govern who accesses the network. A simple “one-size-fits-all” approach that gives every remote user the same level of privileged access to their network resources, regardless of whether they need it, presents potential security risks. Striking the right balance between user access management and effective, secure remote access to on-premises resources, hybrid cloud environments, and business applications using policies is key. Working with a managed service partner, who can help define and implement granular policies, can go a long way toward establishing the right, robust security posture for remote workers. A simple “one-size-fits-all” approach presents potential security risks. Striking a balance between user access management and secure remote access using policies is key.A simple "one-size-fits-all" approach presents potential security risks. Striking a balance between user access management and secure remote access using policies is key.

    If remote working cannot be restricted to a VPN, then there's the risk of opening services directly to the internet for hackers to exploit. Any new internet-facing application needs to be planned, understood, secured and tested before use. Enterprises should always strive to balance the need for cybersecurity against the requirement for a more accessible internet-based and cloud-centric application environment.

  3. Balance productivity with security: The business still needs to operate, albeit in a different mode. For that to happen, the secure end-user experience needs to be maintained, especially when dealing with a globally distributed workforce spanning borders and even continents. Consider how remote users can locally access their key applications and data with minimal latency impact using a globalized secure remote access platform. Flexibility in augmenting additional remote users as the need arises via a simple per-user seat commercial model should also be a consideration going forward.

About GTT

GTT connects people across organizations, around the world, and to every application in the cloud. Our clients benefit from an outstanding service experience built on our core values of simplicity, speed, and agility. GTT owns and operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. We also offer a complementary portfolio of advanced security services.

ovum banner

Related RESOURCES

Blog

5 Common Ways Cybercriminals Spread Malware (and How To Outsmart Them)

There are currently around 1.2 billion malicious programs and potentially unwanted applications in existence, with threat actors deploying an average of 200,454 unique malware scripts ...
How is ESG part of working at GTT?
Blog

How is ESG part of working at GTT?

At GTT, we are passionate about supporting people – and it is that passion that drives our commitment to enhancing and growing our environmental, social ...
The Power of Training, Mentoring and Learning at GTT
Blog

Unlocking My Full Potential: The Power of Training, Mentoring and Learning at GTT

In a world where the pursuit of personal and professional excellence is a constant endeavor, I'm proud to work at GTT. Its mentoring and learning ...
DDoS attacks
Blog

DDoS Attacks in the First Half of 2024

Recent DDoS attacks including the Port of Seattle and Microsoft are showing that Cybercriminals are becoming more bold and attacking organizations regardless of size or ...
Young female engineer concept. GUI (Graphical User Interface).
Blog

How to Choose The Right SD-WAN Managed Service Provider for Your Business

Many factors can influence an enterprise's decision regarding which MSP to work with for SD-WAN, SSE and a SASE framework. But most agree on which ...
Blog

Heightened DDoS Activity: A Growing Concern in 2024

In January and February of 2024, GTT’s Security Operations Center along with Corero’s Advanced Research Team have jointly recorded a significant surge in distributed denial-of-service ...
Blog

What’s Next For Networking?

The combo of faster & more efficient connectivity with new networking technologies & insights, productivity, network performance, & efficiency will all improve, providing additional cost ...
Blog

Global Tier 1 IP Networks: Everything You Need To Know

Tier 1 IP networks are the first choice for global enterprises for dedicated, reliable & secure internet access. Learn why GTT is the ideal Tier ...
Blog

The Future of IT in Manufacturing: Managed SD-WAN Solutions

GTT offers cutting-edge Managed SD-WAN for manufacturing companies. Discover how you can take a step toward the future of Manufacturing IT and networking.

OUR GARTNER RATING

Gartner Peer Insights logo
4.2

62 Reviews

88%
as of the last 12 months

Talk to an Expert

Interested in learning more about GTT products & services? Please complete this short form to schedule a call with one of our sales consultants.

Thank you for your information. One of our sales consultants will be in touch with you.

Scroll to Top