COVID-19: Securing Work From Home

COVID-19: Securing Work From Home

Organizations are rushing to enable remote access for their staff as many cities, counties and states move towards a shelter-in-place mandate. Companies and workers that are in a field where working from home is a possibility should feel fortunate to have the opportunity to do so. Optiv described three strategies for organizations that are enabling work from home: expand existing access, create alternate access methods and infrastructure redesign. Most organizations are likely performing some parts of each strategy to cope with the rapid expansion of remote workers.

 

ThoughtLeadership COVID 19 Securing WFH

 

It is important for CISOs to consider the security ramifications on a larger scale and not lose sight of their roadmap for enabling security within the organization. The factors influencing the decision-making process at this stage should be congruent with the organization's mid- and long-term objectives. In effect, by moving from a state of indecision on how to secure an expanded remote work force to executing on the existing roadmap, the choices become simpler and more familiar.

 

While each of the organizations Optiv engages with are at differing levels of security program maturity there are common themes in the program objectives. The good news is that the natural evolution of security enablement dovetails with providing expanded, easier to access services for employees and customers. Some of these common objectives are:

 

TL COVID 19 WFH Img 1

 

With the realization that the security organization’s objectives are still in place, valid and beneficial to the current state, executing on those objectives’ bonds existing cybersecurity principles to those projects and ultimately to the remote workforce.

 

ThoughtLeadership_COVID19SecuringWFH-Securing-Remote-Workforce_Blog_Image 719x553

 

Security awareness training – Regardless of the degree of cybersecurity controls that are put into place humans still sometimes make bad decisions. Cybercriminals are using the daily media frenzy to their advantage. Continue to provide employees with routine cybersecurity training, reminders and tips. Additional considerations:

 

  • Provide readily accessible documentation on how to obtain remote access
  • Publish a list of approved collaboration tools for chat and online meetings
  • Supply guidance on what applications the organization will be permitting remote access to and the timeline

 

Endpoint security – Review mobile asset inventories and ensure that endpoint security agents are fully deployed and updated in order to combat the increased risk of malware. Additional considerations:

 

  • Validate and publish the steps for remote endpoint security agent enrollment
  • Implement host validation checks to ensure a minimum standard is met before allowing access to sensitive information
  • Determine the level of access that will be permitted for BYOD

 

Identity and access management – Regardless of the methods that are being implemented to expand remote access proper management of user identities will be the linchpin to a successful secure rollout. The table stakes are ensuring your directory services are accurate and accessible to remote applications. Additional considerations:

 

  • Leverage single-sign on (SSO) dashboard for application distribution
  • Utilize multifactor authentication wherever possible
  • Enhance and expand monitoring and reporting on access to sensitive information

 

SecOps – The change in system access methods will shift service loads and expose new capacity constraints. Ensure SecOps management is included in business line decision planning on remote workforce enablement. The operations team will have to stay abreast of dynamic changes in traffic flows, peak operating times and new sources of telemetry to incorporate into monitoring tools. Additional considerations:

 

  • Determine the feasibility of including the SecOps team as designated employees to work from home
  • Coach the team on how the shift to work from home will affect operating parameters and behavioral monitoring systems
  • Ready a tiger team to implement new telemetry acquisition and monitoring for net-new applications and access methods

 

Download our technical WFH checklist for more actionable steps you can take to secure your organization wherever it may be in its cybersecurity journey.