Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic; the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
5 must-have protections for a secure remote workforce
Must-Have #1 Endpoint Security
"70% of successful cyber-attacks originate at the endpoint."
With a 93% increase in ransomware attacks across the globe over the last 6 months, endpoint devices have never been more vulnerable, and endpoint security plays a critical role in enabling your remote workforce. Yet there have never been more endpoints to protect, as companies opened access to their corporate applications from laptops to ensure business continuity. While maintaining productivity, remote users are more prone to incautious behavior and non-compliance with corporate policy. As a result, they are more exposed to phishing, malware, and ransomware attacks. And once a user PC or laptop is infected, the threat can move laterally and easily infect other endpoint devices and corporate assets.
Endpoint protection (EPP) and Endpoint Detection and Response (EDR) serve as the first and last line of defense against the growing wave of ransomware attacks.
The 5 pillars of a robust endpoint security solution
Anti-phishing: Defending users from phishing attacks (including zero-day phishing) while they are using their mailboxes or browsing the internet.
Anti-ransomware: Capabilities that monitor changes to files on user drives to identify ransomware behavior such as illegitimate file encryption, block the attack, and recover encrypted files automatically.
Content Disarm and Reconstruction (CDR): CDR can remove exploitable content by sanitizing documents from any harmful elements and deliver 100% sanitized versions within seconds.
Anti-bot: Protection against bot-driven infections and sensitive data exposure.
Automated post-breach detection, remediation and response: Automation-driven analysis, contextualization, and remediation of incidents, along with an end-to-end attack view covering entry points, lateral movement, and the impact to the business.
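The anti-ransomware pillar above describes behaviour-based detection (watching file changes for illegitimate encryption) paired with automatic recovery. The following is an added illustration, not code from the original page or from any vendor product: a toy monitor that flags a process which turns many low-entropy files into high-entropy ones, or renames them to an unknown extension, within a short window, and that keeps shadow copies of the last plaintext version so the touched files can be restored. The file events, process names, paths and thresholds are all constructed for the example.

```python
import math
from collections import Counter, defaultdict
from dataclasses import dataclass

HIGH_ENTROPY = 7.5      # bits/byte: ciphertext and compressed data sit close to 8.0
SUSPECT_FILES = 5       # distinct files one process may encrypt/rename in a window before we alert
WINDOW_SECONDS = 10.0
# Constructed "known" extensions; a rename to anything else counts as a rename-away.
KNOWN_EXTENSIONS = {".docx", ".xlsx", ".pptx", ".pdf", ".txt", ".csv", ".zip", ".jpg"}


@dataclass
class FileEvent:
    ts: float
    pid: int
    process: str
    op: str             # "write" or "rename"
    path: str
    data: bytes = b""   # new content, for writes
    new_path: str = ""  # destination, for renames


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty or constant input, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def _ext(path: str) -> str:
    dot = path.rfind(".")
    return path[dot:].lower() if dot != -1 else ""


class RansomwareBehaviourMonitor:
    def __init__(self):
        self.last_good = {}                  # path -> last low-entropy content (shadow copy)
        self.suspect = defaultdict(list)     # pid -> [(ts, path)] of suspicious operations
        self.touched = defaultdict(set)      # pid -> paths it operated on suspiciously
        self.alerted = set()

    def process(self, events):
        alerts = []
        for ev in sorted(events, key=lambda e: e.ts):
            suspicious = False
            if ev.op == "write":
                if shannon_entropy(ev.data) >= HIGH_ENTROPY:
                    # Only an entropy *jump* on a file we hold a plaintext copy of counts;
                    # a fresh archive written by a compressor has no such history and is ignored.
                    suspicious = ev.path in self.last_good
                else:
                    self.last_good[ev.path] = ev.data   # refresh the shadow copy
            elif ev.op == "rename":
                suspicious = _ext(ev.new_path) not in KNOWN_EXTENSIONS
            if not suspicious:
                continue
            self.touched[ev.pid].add(ev.path)
            recent = [(t, p) for t, p in self.suspect[ev.pid] if ev.ts - t <= WINDOW_SECONDS]
            recent.append((ev.ts, ev.path))
            self.suspect[ev.pid] = recent
            distinct = {p for _, p in recent}
            if len(distinct) >= SUSPECT_FILES and ev.pid not in self.alerted:
                self.alerted.add(ev.pid)
                alerts.append({"pid": ev.pid, "process": ev.process, "ts": ev.ts,
                               "files": len(distinct), "action": "block process, restore files"})
        return alerts

    def restore_plan(self, pid):
        """Original content for every file the alerted process touched that we hold a copy of."""
        return {p: self.last_good[p] for p in self.touched[pid] if p in self.last_good}


def plaintext(i: int) -> bytes:
    # Constructed low-entropy document body (real .docx files are zip containers; this toy
    # treats the content as plain text so the entropy jump is visible).
    return (f"Quarterly report {i}: revenue, costs, headcount.\n" * 40).encode()


def constructed_events():
    docs = [f"C:/Users/alice/Documents/report{i}.docx" for i in range(6)]
    ciphertext = bytes(range(256)) * 8   # uniform bytes, entropy 8.0: stands in for an encrypted file
    events = [FileEvent(ts=float(i), pid=1001, process="winword.exe", op="write", path=p, data=plaintext(i))
              for i, p in enumerate(docs)]
    # A compressor legitimately writes a high-entropy archive: no plaintext history, so not flagged.
    events.append(FileEvent(ts=7.0, pid=1002, process="7z.exe", op="write",
                            path="C:/Users/alice/backup.zip", data=ciphertext))
    # Constructed encryptor behaviour: overwrite each document with ciphertext, then rename it.
    for i, p in enumerate(docs):
        t = 10.0 + i * 0.5
        events.append(FileEvent(ts=t, pid=4242, process="updater.exe", op="write", path=p, data=ciphertext))
        events.append(FileEvent(ts=t + 0.25, pid=4242, process="updater.exe", op="rename",
                                path=p, new_path=p + ".locked"))
    return events


def run_demo():
    monitor = RansomwareBehaviourMonitor()
    alerts = monitor.process(constructed_events())
    plan = monitor.restore_plan(alerts[0]["pid"]) if alerts else {}
    return alerts, plan


if __name__ == "__main__":
    found, recoverable = run_demo()
    for a in found:
        print(a)
    print(f"{len(recoverable)} files recoverable from shadow copies")
```

The monitor alerts on the fifth distinct file the constructed encryptor touches and, because every earlier low-entropy save was kept as a shadow copy, all six documents can be restored. Two design choices matter for false positives: a high-entropy write is only suspicious when it replaces content the monitor has seen in plaintext (so archivers and image editors are not flagged), and the decision is made per process within a sliding window rather than on any single write.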
Must-Have #2 Secure Internet Access
Working outside the corporate firewall exposes users to a whole slew of internet-based threats that would otherwise be blocked at the network level. Remote workers may unintentionally put their organizations at risk by unwittingly downloading infected files and visiting phishing sites where corporate credentials are stolen.
As over 10,000 new malicious files and 100,000 new malicious websites are discovered by Check Point every single day, preventing threats from ever reaching users becomes critical, with retroactive detection and mitigation often proving to be too little too late.
When selecting a solution for assuring secure internet access, there are six principles that should be top of mind:
Complete protection: Against phishing, malicious downloads and websites, data loss, ransomware, browser exploits, among others.
Future-proof security: Advanced security technologies that can block never seen before malicious files and phishing attacks.
A seamless user experience: Block internet-based attacks with minimal impact on user browsing experience and speed.
Scale and simplicity: Avoid backhauling traffic through the data center by adopting a global cloud-based security service, or even better, by implementing security directly in the browser.
Privacy: Keep users’ browsing history private to ensure compliance with GDPR and other data protection regulations.
100% traffic inspection: Ensure that all traffic can be inspected, including SSL-encrypted traffic and newer HTTP protocol versions.
Must-Have #3 Zero Trust Network Access (ZTNA) to Corporate Applications
Remote employees can’t do their job without access to their corporate applications. And to make sure they maintain enhanced productivity (even when away from the office) they need easy access from any device, be it a mobile phone, home PC, or other device.
While fast access is mandatory, it is also critical to be able to vet each user before they access the network and sensitive enterprise apps, whether hosted on-prem or in the cloud.
Traditionally, organizations have relied on VPN-based security to achieve the task and then provide users with broad network access once authenticated. This approach is no longer viable. Today, it is necessary to secure a continually shifting attack surface and to have visibility into what users are actually doing. This is why protection today requires a zero-trust architecture that enables administrators to eliminate the risk of unauthorized access and prevent lateral movement within the network.
When embarking on the path to zero-trust network access, it is important to adhere to the following six principles and to make sure that the solution you choose enables their implementation:
Consider all users: Deliver zero-trust access across the entire organization, including third parties such as partners and contractors, while providing support for web applications, databases, remote desktops, and SSH remote terminals.
Client and clientless remote access: Choose a solution that offers both deployment methods as well as the ability to securely scale remote access within minutes.
User experience: Choose a strategy and products that create the most frictionless and SaaS-like experience for the team.
Least privilege access policy: A user should be granted only the privileges needed to complete a particular task. For example, an engineer who only deals with updating lines of legacy code does not need access to financial records.
Multi-factor authentication (MFA): Strictly verify the identity of every user accessing the network using multiple factors. Ensure these factors can be adjusted depending on the sensitivity of the data/resources being accessed.
Monitor and audit everything: Monitor and review all user activity across the network to identify any suspicious activity in real time.
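The least-privilege, MFA and monitoring principles above can be shown working together in a small access broker. The following is an added example written for this page, not code from the original article or from any ZTNA product: each role is granted exactly the (resource, action) pairs it needs, the number of authentication factors required rises with the sensitivity of the resource, restricted data additionally requires a managed device, and every decision is written to an audit trail that can surface users repeatedly denied access. All resource names, roles, sensitivity levels and sessions are constructed for the example.

```python
from dataclasses import dataclass
from enum import IntEnum


class Sensitivity(IntEnum):
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2
    RESTRICTED = 3


@dataclass(frozen=True)
class Resource:
    name: str
    kind: str                  # web, db, rdp or ssh: the access types the text lists
    sensitivity: Sensitivity


@dataclass(frozen=True)
class Session:
    user: str
    roles: frozenset
    factors: frozenset         # authentication factor types proven in this session
    device_managed: bool


# Constructed inventory of applications behind the broker.
RESOURCES = {r.name: r for r in [
    Resource("legacy-repo", "web", Sensitivity.INTERNAL),
    Resource("build-server", "ssh", Sensitivity.INTERNAL),
    Resource("staging-web", "web", Sensitivity.PUBLIC),
    Resource("finance-db", "db", Sensitivity.RESTRICTED),
]}

# Least privilege: a role is granted exactly the (resource, action) pairs its job needs.
ROLE_GRANTS = {
    "legacy-engineer": {("legacy-repo", "read"), ("legacy-repo", "push"), ("build-server", "ssh")},
    "finance-analyst": {("finance-db", "read")},
    "contractor-qa": {("staging-web", "read")},   # third party: same policy engine, narrower grant
}

# MFA requirement scales with sensitivity; RESTRICTED additionally needs a managed device.
REQUIRED_FACTORS = {Sensitivity.PUBLIC: 1, Sensitivity.INTERNAL: 2,
                    Sensitivity.CONFIDENTIAL: 2, Sensitivity.RESTRICTED: 3}


class ZeroTrustBroker:
    def __init__(self):
        self.audit = []   # every decision, allowed or denied, is recorded

    def authorize(self, session, resource_name, action):
        decision = self._decide(session, resource_name, action)
        self.audit.append({"user": session.user, "resource": resource_name, "action": action,
                           "allowed": decision[0], "reason": decision[1]})
        return decision

    def _decide(self, session, resource_name, action):
        resource = RESOURCES.get(resource_name)
        if resource is None:
            return False, "unknown resource"
        if not any((resource_name, action) in ROLE_GRANTS.get(role, set()) for role in session.roles):
            return False, "no grant for this resource/action"
        needed = REQUIRED_FACTORS[resource.sensitivity]
        if len(session.factors) < needed:
            return False, f"step-up required: {needed} factors for {resource.sensitivity.name}"
        if resource.sensitivity >= Sensitivity.RESTRICTED and not session.device_managed:
            return False, "managed device required"
        return True, "granted"

    def users_with_repeated_denials(self, threshold=3):
        """Monitoring hook: a user probing resources outside their grant shows up as repeated denials."""
        counts = {}
        for rec in self.audit:
            if not rec["allowed"]:
                counts[rec["user"]] = counts.get(rec["user"], 0) + 1
        return sorted(u for u, c in counts.items() if c >= threshold)


def run_demo():
    broker = ZeroTrustBroker()
    engineer = Session("dev1", frozenset({"legacy-engineer"}), frozenset({"password", "totp"}), True)
    analyst_2fa = Session("fin1", frozenset({"finance-analyst"}), frozenset({"password", "totp"}), True)
    analyst_byod = Session("fin1", frozenset({"finance-analyst"}),
                           frozenset({"password", "totp", "hardware-key"}), False)
    analyst_ok = Session("fin1", frozenset({"finance-analyst"}),
                         frozenset({"password", "totp", "hardware-key"}), True)
    contractor = Session("qa-ext", frozenset({"contractor-qa"}), frozenset({"password"}), False)
    results = {
        "engineer-push": broker.authorize(engineer, "legacy-repo", "push"),
        "engineer-finance": broker.authorize(engineer, "finance-db", "read"),   # least privilege
        "analyst-2fa": broker.authorize(analyst_2fa, "finance-db", "read"),      # step-up needed
        "analyst-byod": broker.authorize(analyst_byod, "finance-db", "read"),    # device posture
        "analyst-ok": broker.authorize(analyst_ok, "finance-db", "read"),
        "contractor-staging": broker.authorize(contractor, "staging-web", "read"),
        "contractor-ssh": broker.authorize(contractor, "build-server", "ssh"),
        "contractor-repo": broker.authorize(contractor, "legacy-repo", "read"),
        "contractor-db": broker.authorize(contractor, "finance-db", "read"),
    }
    return results, broker


if __name__ == "__main__":
    outcome, audit_broker = run_demo()
    for name, (ok, why) in outcome.items():
        print(f"{name:20s} {'ALLOW' if ok else 'DENY ':5s} {why}")
    print("repeated denials:", audit_broker.users_with_repeated_denials())
```

Note the order of checks: the grant is evaluated before authentication strength, so a user with strong MFA still cannot reach a resource their role was never given, and the step-up prompt is only ever raised for something they are entitled to. The contractor session, which tries three resources outside its grant, is the one the audit review surfaces.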
Must-Have #4 Email & Office Security
In today’s modern business world, no employee, remote or otherwise, can be productive without access to email and productivity apps, such as Office 365, Teams, SharePoint, One Drive, Gmail, Google Drive, and more. These tools are not only critical for getting things done. They are also one of the channels most exploited by hackers, with business email compromise (BEC) attacks, for example, accounting for over 50% of losses caused by cybercrime.
The 5 key protections for email and office
Real-time phishing protection: Fully automated and AI-based, to prevent advanced, never-before-seen phishing and spear-phishing attacks before they happen.
Malware protection: With CDR (content disarm and reconstruction) to deliver clean attachments and files in seconds, while blocking evasive malware through AI-based static and dynamic file analysis.
Data leak prevention: That enables custom policies to be set to specific needs and which automatically blocks sensitive outbound information on email and collaboration apps.
Internal threat prevention: To scan and block threats originating in emails from inside the corporate network, and to prevent lateral movement.
All around security in a one-stop-shop: To ensure easy to manage total security and to reduce operational complexity.
Must-Have #5 Mobile Threat Defense (MTD)
The mass mobilization of the global workforce to the home means that remote employees are accessing corporate data from mobile devices more than ever, often over public WiFi networks that are easy to compromise, sending more emails, messaging more often, and sharing more files than ever.
In 2020 alone, 97% of organizations faced mobile threats that used various attack vectors, and 46% of organizations had at least one employee download a malicious mobile application.
The 5 principles of optimal mobile security
360° protection of all attack vectors: Including malicious mobile applications, network-based attacks, and vulnerable operating systems and devices.
Full visibility into the risk level: With a complete view of the organization’s mobile security posture to effectively mitigate risk and accelerate response when needed.
Scalable deployment: With support for every device type, operating system, and device-ownership model.
Maximizing the user experience: By avoiding impact on device usability, the browsing experience, data consumption, and battery life.
Ensuring privacy by design: Of both corporate and BYOD devices.
The value of security consolidation
Implementing the five must-have protections for remote users is a good start to securing the new ‘work from anywhere’ hybrid environment. But this can be very challenging as it requires endless protections across devices, networks, access points, and applications.
Some organizations attempt to overcome the challenge by stitching together point solutions with APIs or opting for best of breed solutions.
These approaches, however, mean complex management, and leave many security gaps untreated, where the organization has fragmented visibility at best, and is limited in its options to scale.
To keep corporate networks and sensitive data safe, organizations have no option but to recalibrate the security approach around remote users and access. The key to overcoming the challenge is to consolidate the various security solutions into one unified solution.