Manage these 3 IT Security Risks to Keep Your Remote Workforce Secure and Productive

A tight labor market, the globalization of technology, and many other factors continue to drive the trend toward workforces that are more mobile, embrace working from home, and that are in need of new solutions for cybersecurity.

According to Gartner, “by 2020, organizations that support a “choose-your-own-work-style” culture will boost employee retention rates by more than 10%.” Forbes has also posited that Financial Accounting Standards Board (FASB/IASB) accounting changes, which went into effect January 2019 in the US, impact every company leasing commercial real estate in a way that, as “cost-optimization strategy,” will induce businesses to increasingly hire remote workers and offer telecommuting options.

While remote work confers many benefits, the downside for information technology (IT) teams is that it does make IT security more complex. How can organizations ensure that their remote workers are empowered with the tools they need to be productive, without exposing the organization to inordinate cyber risk?

To that end, let’s consider three key challenges organizations face in enabling and protecting remote workforces, and then identify best practices for addressing these challenges.

Secure Remote Access to Corporate Resources
Bring Your Own Device (BYOD)

Today, remote employees usually connect to corporate resources directly via a VPN or hosted via cloud resources. These employees are often behind their own home routers that employ technology like NAT to isolate the network. However, this creates a network routing problem for traditional IT management and security solutions.

Corporate cybersecurity solutions cannot resolve and route to remote employees to push updates or directly query systems. Thus, all remote devices must poll (initiate an outbound connection) into cybersecurity resources for updates, or to submit data. This often requires a persistent outbound connection to determine state—regardless of using a VPN or cloud resources—and can falter from trivial network anomalies commonly found in home-based wireless networks or cellular technology.

Additionally, discovery technology, pushing policy updates, etc. all become batch-driven as opposed to near real-time due to name resolution and routing limitations. Even remote support technologies require an agent with a persistent connection to facilitate screen sharing since a routable connection inbound to SSH, VNC, RDP, etc. is not normally possible for remote employees.

Thus, the top cybersecurity challenge for remote employees fixates on devices that are no longer routable, reachable, or resolvable from a traditional corporate network for analysis and support because they are, in fact, not on the traditional corporate network. This leads to a remote access security gap that can be initiated by IT resources, versus the end user.

Remote employees are generally enabled via one of two policies:

Corporate-supplied information technology resources, or
Bring your own device (BYOD).
Enforcing Consistent Cybersecurity Hygiene

While corporate-deployed resources can be robustly hardened and controlled, personal devices are often shared and not subjected to the same security scrutiny. Organizations struggle to manage end-user devices with mobile device management (MDM), or enterprise mobility management (EMM) solutions, and technology that can only isolate applications and user data on a device.

IT teams can simply not harden employ-owned devices and govern the device operations as tightly as a corporate deployed system. While BYOD is no longer a new concept, organizations still struggle to enable it without introducing unnecessary risk. The methodology your organization chooses is ultimately a balance between cost, risk, and usability, with neither of the above options a clear winner.

The third challenge for securing remote workers involves fundamental cybersecurity controls like vulnerability assessments, patch management, and anti-virus. Traditionally, all of these were performed using network scanners, agents, and services to execute various functions, and require connectivity to on-premise servers.

Cloud technologies have made these security basics easier to manage, but many organizations have not matured enough to embrace these technologies for remote employees. However, organizations empowering remote employees should consider the cloud for managing basic cybersecurity disciplines since connectivity issues are only getting worse with cellular and other mobile technologies that cannot maintain a persistent and routable connection. The cloud offers universal resources—outside of a traditional data center—to which remote devices can securely connect and embrace methodologies like geolocation and two-factor authentication, for additional layers of security.

Best Practices for Securing a Remote Workforce

IT teams that need to secure a remote workforce should keep an open mind toward the acceptance of new technologies, methodologies, and workflows to accomplish cybersecurity best practices. This includes using MDM/EMM solutions, leveraging the cloud, and monitoring data and workflows to prevent a breach.

IT teams should think outside the box regarding connectivity. We live in the age of cellular and broadband, and will see a bandwidth evolution with 5GB. The theft of massive quantities of data can occur in just minutes using wireless technology, and new techniques are needed to defend against these threats. This is not only from a remote employee copying the data from corporate resources, but also cyberthreat actors breaching a remote employee and leveraging them as a beachhead.

Therefore, IT teams need to understand their business models and account for the roles remote employees play, and the data and system risks they represent. With this firmly in mind, organizations can build a strategy that enables workforce productivity, while prudently managing cyber risks, with the right mix of modern security technology and practices.

BeyondTrust technology has been engineered to enable organizations to embrace security best practices for a remote workforce. To learn how BeyondTrust can help you address secure remote access, privileged access management, and vulnerability management for your remote devices and mobile workforce, contact us today.

Morey J. Haber

Chief Technology Officer, Chief Information Security Officer, BeyondTrust

With more than 20 years of IT industry experience, and author of Privileged Attack Vectors and Asset Attack Vectors, Mr. Haber joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. He currently oversees the vision for BeyondTrust technology encompassing privileged access management, remote access, and vulnerability management solutions, and BeyondTrust’s own internal information security strategies. In 2004, Mr. Haber joined eEye as the Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was a Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. Mr. Haber began his career as a Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science in Electrical Engineering from the State University of New York at Stony Brook.

Up next

From February 21, 2019:

How to Use Vulnerability Assessment to Quantify & Reduce Cyber Risk

From February 26, 2019:

Hardcoded and Embedded Credentials are an IT Security Hazard – Here’s What You Need to Know

You May Also Be Interested In:

Whitepapers

The Guide to Just-In-Time Privileged Access Management

Webcasts | July 25, 2019

BeyondTrust Public Sector Customer Update

Webcasts | July 30, 2019

Privileged Access Management Solutions

Products

Use Cases

Resources

Privileged Access Threat Report 2019

On the Blog

News