Let's face it - remote working is here to stay. What was a distraction and an afterthought for ICT managers at the end of last year is now an integral part of any go-forward enterprise networking environment. The benefits of enabling a remote, borderless and telecommuting workforce are obvious in terms of employee well-being and maximized productivity. Prospective employers now look to offer flexible, remote working as a real benefit to attract the best talent.
Most IT teams have built their security infrastructures over the years specifically to protect enterprise networks and the information within them. With the sudden rise in remote working, corporations needed to rely on Virtual Private Network technologies for employees to continue to be able to gain access to enterprise networks from outside of the traditional office LAN environment.
Remote working is here to stay. What was an afterthought for ICT managers at the end of last year is now an integral part of any go-forward enterprise networking environment.
Unfortunately, cybercriminals also continue to develop new and sophisticated ways to take advantage of increased remote mobility in order to gain access to networks and valuable data. The volume of cyber incidents targeting newly remote employees through email phishing tactics and compromised end-user devices has reached record levels.
A typical home working environment can be a localized mixed-use network of corporate devices, highly insecure IoT or personal devices and shared accounts. This offers an ideal foundation for the potential exfiltration of company data and other nefarious cybercriminal activity. As a result, the so-called "attack surface" has increased substantially with the growth of remote working. This brings with it a whole new set of challenges in the war against cybercriminal activity with secure remote networking and risk management becoming the primary imperatives.
A secure remote working playbook
Here are a few tactics to consider when it comes to protecting remote end-users — and, by extension, the enterprise business:
- Education: The single most important element in keeping confidential data safe is remote user awareness. Keep employees informed, not only about what they should do, but also about why they need to do it. A handbook should include best practices such as enabling two-factor authentication and requiring VPN login to apps and programs containing sensitive information. Consider defining an Acceptable Use Policy (AUP), so employees know what websites, apps and networks are permitted for accessing data, to avoid potential threats.
The single most important element in keeping confidential data safe is remote user awareness.
- Permissive access: Another risk area is how to implement and manage corporate policies that govern who accesses the network. A simple “one-size-fits-all” approach that gives every remote user the same level of privileged access to their network resources, regardless of whether they need it, presents potential security risks. Striking the right balance between user access management and effective, secure remote access to on-premises resources, hybrid cloud environments, and business applications using policies is key. Working with a managed service partner, who can help define and implement granular policies, can go a long way toward establishing the right, robust security posture for remote workers. A simple "one-size-fits-all" approach presents potential security risks. Striking a balance between user access management and secure remote access using policies is key.
If remote working cannot be restricted to a VPN, then there's the risk of opening services directly to the internet for hackers to exploit. Any new internet-facing application needs to be planned, understood, secured and tested before use. Enterprises should always strive to balance the need for cybersecurity against the requirement for a more accessible internet-based and cloud-centric application environment.
- Balance productivity with security: The business still needs to operate, albeit in a different mode. For that to happen, the secure end-user experience needs to be maintained, especially when dealing with a globally distributed workforce spanning borders and even continents. Consider how remote users can locally access their key applications and data with minimal latency impact using a globalized secure remote access platform. Flexibility in augmenting additional remote users as the need arises via a simple per-user seat commercial model should also be a consideration going forward.
About GTT
GTT connects people across organizations, around the world, and to every application in the cloud. Our clients benefit from an outstanding service experience built on our core values of simplicity, speed, and agility. GTT owns and operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. We also offer a complementary portfolio of advanced security services.