The current pandemic has prompted organizations globally to quickly move to remote work strategies and policies, leaving many scrambling to make it work as quickly as possible. Security plays a critical role in an effective remote worker strategy, yet in the rush to move to remote work it has gotten lost in the shuffle. But it’s not too late to fix it.
Because of the pandemic, cybersecurity has become a bigger challenge than ever before. Connectionless commerce and remote working are changing operations and adding greater complexity. In addition, threat actors have ramped up attacks across these highly distributed enterprise ecosystems. From automated opportunistic attacks to targeted campaigns, the variety, velocity and sophistication of attacks are on the rise. Indeed, the guidance from NIST and other security organizations is to assume that cyberspace is a 100% hostile environment. For example:
- Assume that external facilities, networks and devices contain hostile threats that will attempt to gain access to the organization’s data and resources.
- Assume that malicious parties will gain control of telework client devices and attempt to recover sensitive data from them or leverage the devices to gain access to the enterprise network.
Today more than ever, ensuring security is woven into your remote worker strategy is especially important because once shelter-in-place restrictions are lifted and others are rolled back, it’s very likely that life isn’t going to return to the way it was before. Our recent experience with BYOD is a useful comparison.
Now that employees and executives understand that they can be just as effective and productive from home as they are in the office, remote work will become part of the new normal. And rightly so, as work should really be something we do rather than something that can only be accomplished in a certain space.
So, what can security teams do to ensure current solutions continue to deliver resilience? And what should be done in the long term? Let’s take a look at three different sectors.
Securing remote telework for government and municipal employees
Governments at all levels have had to quickly transition their IT infrastructure and resources to create sustainable operations for their remote workforces. They have also had to comply with Continuity of Operations/Continuity of Government (COOP/COG) requirements by ensuring the full use of their workforce for an extended period of time, which has meant that most employees have had to work from home.
As governments sort out how to maximize resources and stay secure, the challenges of ensuring the continuity of government operations while remaining secure include these elements:
Endpoint security. This is critical for the computing environments of employees working off-site. Their new workplace usually includes a home network with vulnerable IoT devices, such as smart appliances and doorbells, and family members using applications and platforms, such as gaming consoles and social media, that could threaten the network. This computing environment lies outside of the organization’s control and significantly increases risk. As a result, endpoint security is essential to ensure the integrity of government data and operations in use for such devices within these environments.
Transmission security. This involves making certain that government data is encrypted while in transit across the internet.
Headquarters or parent office. Almost all of these environments’ networks were set up with the expectation that employees would work within the network perimeter. Organizations must consider whether these networks can absorb the sudden jump in the number of connections from remote locations, and whether those connections are secure and available only to authorized users. In addition, organizations must ask themselves whether their zero trust architecture can scale to support a surge in remote logins and use of cloud resources, as well as how ready the staff and infrastructure are for rapid changes.
Remote work in the education sector
Due to the pandemic, educational institutions at every level across the globe, from elementary schools to colleges and universities, have been forced to embrace distance learning. It’s estimated that 70% of students are currently involved in some form of online education.
Every educational institution needs to consider implementing several simple steps to set up and maintain an effective distance learning environment while keeping their networks secure. These include:
Segmenting the network. Education IT teams should segment their internet-facing teaching applications from their other internal applications, such as the human resources system. That way if a breach or malware outbreak happens, the scope of impact will be limited. In addition, remote workers may take on new roles and responsibilities, so security teams should anticipate frequent firewall rule changes.
Using strong authentication. With today’s processing power, hackers can crack simple passwords in a matter of seconds. That’s one reason why mountains of credentials are for sale on the dark web. Strong password policies, such as complexity, length, and expiration, are essential. Schools should also enforce account lockout after failed attempts to prevent password guessing. Multi-factor authentication should also be implemented where possible to prevent the misuse of stolen passwords.
Defending web applications. Exploiting application vulnerabilities is an easy way for a bad actor to breach your network. External sites need to be scanned for security flaws, such as cross-site scripting errors and SQL injections. The traffic between learning systems and users should be encrypted so data can’t be stolen in transit. And a Web Application Firewall should be deployed to protect web application servers and the infrastructure from attacks and breaches originating from the internet and external networks.
Monitoring for atypical or malicious activities. Educational institutions have seen a significant increase in devices and external network traffic connecting to their networks. The IT security team needs to be able to sift through this noise to identify unusual login attempts and unexplainable large data transfers, and to see and respond to other abnormal behaviors. The challenge is how to detect anomalous behavior when network and user behavior is all new. The rapid adoption of cloud computing will test the ability to log and monitor traffic outside of the perimeter.
Addressing technology risks. Improperly vetted technologies used in online learning environments can introduce vulnerabilities and pose risks to the enterprise network. Whether it’s a learning management system or teleconferencing tools, whether they are hosted on-premises or in the cloud, IT security should perform a complete security assessment of every vendor and their products before allowing them into the network environment.
Cracking down on security for remote work in healthcare
To put it mildly, the need for available, real-time medical services is more critical than ever. To achieve this, healthcare organizations must ensure their networks can scale to meet exponential demand while remaining secure. It is critical that privacy and compliance requirements are still in place.
For healthcare workers to appropriately respond to emergencies while ensuring business continuity, they must have seamless, secure access to centralized medical records and devices no matter their location. Here are five considerations for healthcare organizations that want to overcome the barriers associated with the cost and complexity of provisioning and maintaining secure Wi-Fi access and VPN connectivity at remote sites:
Visibility and control. Healthcare organizations need total visibility of their applications, access to cloud-based services and granular control of their distributed networks. They cannot effectively prioritize or block applications at the group, user or device level until they can see and manage all parts of their network.
Deployment ease. Healthcare requires quick deployment of secure wireless infrastructures without the need for additional hardware. This requires a solution able to instantly adopt and enforce established security policies, enabling healthcare organizations to secure remote access across all locations without having to worry about any visibility and control gaps.
Threat management. Healthcare organizations must be able to pinpoint cyber threats targeting user entry points to the network to effectively secure their remote locations. Their devices and the network will be better protected by bringing security monitoring closer to the end user.
Unified management. Solutions that use single-pane-of-glass management for both security and networking enable healthcare organizations to apply comprehensive policies to both wired and wireless networks so that security and networking function as part of the same system.
Rapid response times. A solution that provides automated network protection updates is needed if an organization hopes to keep up with today’s sophisticated cyber threats and huge expansion of data. Once networks function as a single, integrated system that can identify indicators of compromise, address potential vulnerabilities, quarantine infected devices and isolate malicious traffic, healthcare organizations can better protect their data and networks.
A remote future
The coronavirus pandemic has ushered in a new era of remote work, as well as connectionless commerce, public services, education and healthcare. It has also tested the mettle of IT teams across industries and across the globe.
Ironically, it’s also opened up the door to a future of greater remote work opportunities and IoT usage, and greater cyber risk. Looking at the needs and considerations of government, education and healthcare should help your organization, regardless of your industry. But you must put proper safeguards in place to enable secure and effective remote work long into the future.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.