While the world continues to grapple with COVID-19, one security-related trend has emerged with nearly 100% certainty – higher numbers of remote workers are very likely here to stay. According to a new report published by insurance giants Chubb, a vast majority of people shifted to the home office because of COVID-19 are hoping to increase remote office hours, even when the situation has abated. Of the 1,200-plus individuals interviewed, 74 percent indicated that they want to continue working from home even when the pandemic subsides.
41 percent are experiencing increased pain in their shoulders, wrists and backs.
Increased Security Implications
The days of traditional security solutions such as VPNs and SSLs have already been fading fast in the rearview mirror, especially as they were never designed to support a massive remote workforce, they are similarly ill equipped to protect cloud-mobile-remote environments.
In general, organizations have to consider the current scenario with a renewed perspective driven by facts including:
- Traditional security systems are not designed for the cloud: on-premise legacy solutions simply don’t have the application awareness needed regarding activities happening in the cloud.
- A lack of visibility over apps, users, and data: unmanaged BYO devices used to access emails or data often create security blindspots, increasing the risk of data loss and compliance breaches.
- Lacking security controls to prevent unauthorized access: Home networks do not offer the level of security and scrutiny associated with enterprise networks, with many configured to default security settings.
- An Increased attack surface: Cloud assets, which have been largely restricted for access through enterprise networks and security controls, have been opened up for access from any location and any device.
- The threat of accidental disclosure: Remote collaboration has obviously risen to previously unseen levels, creating greater opportunity for mistakes that increase the risk of unintended data leakage.
roughly 50 percent are worried about increased exposure to cyber-attacks, including some 11 percent who report that they’ve already been targeted.
So What Can Be Done?
In short, to address the increase in remote workers, enterprises must…. focus on securing the human and data elements!
To enable tighter visibility and control over the remote workforce and secure collaboration, organizations must concentrate on data-centric and human-centric security – primarily to secure the users’ cloud and data access from any location on any device with zero-trust access controls. A few of the keys to this approach include:
- Secure access from BYO devices: Understand and classify endpoints, and how they are connecting to cloud apps. Allow only browser-based access and deny access from “thick” apps. Also consider digital certificate installation.
- Enlist Zero Trust identity protection: Assure that users accessing SaaS applications are who they say they are. Combine identity with adaptive access controls to enable contextual access and manage user behavior.
- Maintain deep visibility and application intelligence: Log all user activity in sanctioned clouds, allowing you to detect risky users or risky clouds in use – then immediately shut down malicious activities.
- Prevent multi-touchpoint data leaks: Define centralized policies, including DLP integration, to identify and protect sensitive data in rest or in motion across email and cloud apps.
- Secure offline data shares: Employ Rights Management to enable last-mile data protection – encrypting sensitive data, reports, and emails during downloads, and allowing only approved data decryption.
- Encrypt before upload: Identify and encrypt sensitive content in motion before it gets hosted in the cloud. Try out HYOK (Hold Your Own Key) policies that retain exclusive control over sensitive data.
- Use intelligence-led threat protection: Consider zero-day threat protection that encompasses cloud environments, preventing data breaches and losses from cloud-born malware and ransomware.
As COVID-19 continues to play out, it would seem that we’ll see even greater emphasis of cloud security issues that elevate the value of dedicated solutions such as Cloud Access Security Brokers (CASB).
In the meantime, try to stay safe, and maybe consider fewer trips to the kitchen, as Chubb reports that 42 percent of us are snacking more. Honestly, I think that’s a misleading figure. Either that or my hat is really off to the other 58 percent!
neque mauris sit amet arcu. Phasellus elementum libero eget risus ultricies, eget euismod dui venenatis ullamcorper vehicula. Etiam eu varius leo. Maecenas a commodo augue. Fusce lobortis ultricies sem, nec interdum ipsum vulputate a. Quisque at nibh ac purus aliquet accumsan. In lobortis elit et gravida varius.