August 6, 2020 | 3 minute read
The global coronavirus outbreak has sparked a surge in organizations requiring their employees to work from home. To remain productive and competitive, remote workers need to be able to do everything they can do from their desk at the office. However, with this increase in telework, cybersecurity has become a major concern for these companies as large numbers of employees access their organization’s network from remote locations.
Some major corporations already had cybersecurity plans and systems in place to allow large numbers of employees to telework – but these companies are in the minority.
For the vast majority of organizations, the situation is very different. Until now, remote work at these companies was limited to a small number of employees, and realistically was only used for email and other non-operational systems.
Suddenly, these enterprises have found a wide variety of staff - human resources, finance, accounting clerks, procurement officers, the C-suite, sales, engineers, and other workers - logging onto the company’s network and attending online meetings. These companies were not prepared for such large numbers of employees accessing the company network—and sensitive company data—from remote locations and in some cases, through their home computers and private mobile phones. Companies have now realized they did not and in some cases still do not have the necessary cybersecurity precautions in place.
Simply put, organizations have to deal with two types of remote workers. First are the remote workers who use corporate laptops that are managed by the organization. With these teleworkers, the organization has an understanding of their security posture and controls are typically already in place. Second are those remote workers who work on their own machines. With these teleworkers, companies are finding that they have no knowledge of what, if any, security protocols are in place on the devices employees are using.
In either of the above cases, there are two obvious security issues.
One issue is the protection of proprietary corporate data. One of the core tenets of cybersecurity preparedness is maintaining the integrity of an organization’s data, whether they collect it from their partners or their customers. It’s not just that someone can steal the data, but also that cyber criminals can change the data. That carries enormous implications for the data employees need to do their job. It’s not enough just to protect the data in transit or on the backend; companies must also protect the storage device itself so that the data remains accurate.
The other cybersecurity issue of concern is endpoint security - making sure that the laptop, iPad, or mobile phone has the right security controls installed so that attackers can’t use that device as a conduit to penetrate the corporate network.
For remote workers, organizations have to make sure their endpoints are fully protected so that attackers can’t steal data or use the device to escalate privileges.
If an enterprise has a data breach due to weak cybersecurity for teleworkers, they will potentially deal not only with productivity loss, but also with damage to their company’s reputation.
As organizations around the world decide whether to continue with telework, they are facing the realization that while much can be done to prevent breaches, nothing is 100%. A cybersecurity posture that includes a response plan is absolutely critical to mitigate any risks, shorten the duration of a cyber attack, and quickly get employees back to productivity.
With the sudden increase in telework over the last few months, the digital perimeter of many companies has expanded at an incredible rate. The traditional approach of reacting to cyber threats and security issues only after a breach is discovered is no longer sufficient.
The current approach being embraced by forward-thinking companies around the world is to identify cyber threats and potential attacks that can bypass traditional cybersecurity products, and to take remediation actions immediately. Endpoint protection platforms are best suited for this proactive management approach to enterprise cybersecurity threats.
As hackers have become smarter and devised malware that can easily bypass traditional antivirus, antivirus protection is no longer enough for providing security for an organization. Endpoint protection platforms give a more comprehensive defense and allow for suitable corrective action against malware whose polymorphic codes keep evolving on their own.
Endpoint protection platforms are designed to collect and monitor potential cybersecurity threats on each endpoint. The data is not only used to detect threats, but also can be analyzed to determine the root cause of an attack.
As discussed above, businesses have been forced to expand their digital perimeter drastically as they allow large numbers of employees to work remotely.
The result is that enterprises now find themselves with hundreds of thousands of endpoints – those they own, and those they do not – on and off their networks. Such a large number of endpoints makes the network more vulnerable to cyber attacks as it can be breached from multiple points.
Endpoint protection platforms are specifically designed to meet the requirements of such large environments. Their design and architecture make it easy for them to collect and monitor data continuously on all these endpoints.
This exceptional feature of EPP solutions makes them very important for network security in any enterprise. In addition, if an organization outsources the management of their EPP, they can have a team of cybersecurity experts monitor their systems on a 24/7 basis.
To learn more about how to set up a strong security practice, check out our white paper, Five Clear Steps to Enhance SecOps with MITRE ATT&CK.