Is the remote working environment also secure?
The Covid 19 pandemic presents companies with new, unforeseen challenges and, unfortunately, also poses serious, far-reaching IT and security risks. IT managers must therefore take precautions. Six questions arise.
As more employees work from home, new obstacles are emerging, such as scaling and securing virtual private networks (VPNs) and remote access. Most organizations had not previously implemented mature security practices for their VPN networks or remote workers at the scale they now face. It is therefore very important for security managers to ask their teams the right questions to ensure that the network is truly secure in the end. The challenge is mainly due to physical expansion and increasing mobility. The goal should always be to achieve the highest possible level of security without restricting the way employees work, because at the end of the day, they have to perform, without any restrictions on the user experience.
Organizations should ask the following questions of their IT leaders about adapting to today's remote work environment:
First: How many administrators are employed by the company? Companies should ensure that multiple accounts are set up for different administrators - with granular permissions, scope and auditing - to ensure that there is no single point of failure in managing the system if one of the admins is unavailable.
Second: Does anyone (perhaps better "Do administrators..." in the company have remote access to management consoles (which management consoles? From internal IT systems)? While it is not recommended that management consoles be accessible remotely, can companies achieve this if the vast majority of employees are connected remotely and working from home? Many firewalls have different rule sets, for example LANLAN vs. VPNLAN access.
Third: Have dashboards or reporting been set up for centralized services? Enterprise security and network teams need to provide the same level of visibility and control to remote users and devices connecting to corporate networks via VPN as they do to employees on campus. This can be achieved through compliance assessment and policy-based endpoint and network controls that can help secure devices as they remotely connect corporate or Bring Your Own Device (BYOD) systems to corporate networks.
Fourth: Solutions like Forescout can automate security in terms of visibility, device compliance and policy control. Security and network teams need to see and identify all remote devices the moment they connect to the corporate network - just like devices on campus. This enhanced visibility helps mitigate risk in the new work-from-home environment. Next, they need to ensure that these devices are compliant and remain so, regardless of the specific location from which they connect.
Fifth: Armed with this visibility, security and network teams can better understand the security posture of their remote devices and manage them accordingly based on a risk assessment for each scenario.
Sixth: Can tickets be created and processed at the company's own IT service desks while teleworking? Can these teams dial in to the end device? Particularly in the case of newly acquired devices, it must be ensured that they have also been activated for remote maintenance. If something goes wrong while working from home, are the necessary details and access to the support website available so that the team can be spoken to quickly?
Conclusion
Protecting home networks is possible, but it requires answering the aforementioned questions. Ultimately, if all enterprises enable home office, they should deploy a solution that identifies VPN clients and enforces the enterprise's own policies to protect them. Managed devices connecting via VPNs should be subject to the same pre- and post-connection security policies that apply to on-premises devices.
Appropriate platforms can help detect BYOD or unmanaged devices immediately after a VPN connection is established and check their compliance with their own security policies. Security and network teams can then quickly make informed decisions about denying or restricting access to network resources. Only then can companies remain calm in the face of threats such as ransomware and the like and allow their employees to access their own company network or the company's own applications and data remotely.
Author: Kristian von Mejer, Global Account Executive at Forescout Technologies Inc.