Work from home, phase 2: What comes next for security?

As most CISOs know all too well, large-scale work from home (WFH) initiatives due to COVID-19, where the priority was getting users up and running as quickly as possible, forced security leaders into an unanticipated follow-on sprint to deliver elementary security safeguards for remote employees (e.g., VPNs, endpoint security controls, and network security controls).

This is the new reality, and it’s an ongoing scramble, but what comes next? 

Let’s call the current situation phase 1, which is about employee access, network communications confidentiality/integrity, and basic endpoint security. 

Since posting my last blog, which described how COVID-19 is changing CISO priorities for 2020, I’ve heard of additional IT efforts to address network performance and user productivity (phase 1A). Some organizations are implementing split tunneling so key employees can access VPNs and the internet simultaneously. Some are paying to upgrade employee bandwidth — especially for executives spending their days on videoconference meetings while their children use the same networks for home schooling. My colleague Bob Laliberte also tells me about companies instrumenting key employee systems with WAN optimization software. Back at corporate, there’s also lots of load balancing and SD-WAN activity.

From a security perspective, forward-thinking CISOs are now on to phase 2, which focuses on situational awareness and risk assessment. This is directly related to the fact that a lot of LAN traffic has been rerouted to WANs and internet connections. The goal? Scope out the new realities of usage patterns and the attack surface.

To gain this level of visibility, organizations are deploying endpoint security agents to assess device posture and system-level activities. Think Tanium agents and EDR software from vendors like Carbon Black, CrowdStrike, and Cybereason. Security pros also recognize that employee home networks may be populated with insecure IoT devices, out-of-date family PCs, etc., so I’ve heard of instances where security teams are doing home network scans as well. Finally, there is an increased focus on monitoring network traffic travelling back and forth over VPNs or directly out to SaaS providers and the public cloud.

Copyright © 2020 IDG Communications, Inc.
