06-26-20 | Blog Post

The Mass Migration of Remote Workers and the Resulting Security Concerns


That rapid and massive deployment of remote workers was accompanied by a substantial increase in the use of SaaS and cloud services. Examples include a 64% increase in quarterly revenues for Zoom as of May 2020 and a 25x increase in Google Meet usage from January to May 2020. The uptick in cloud services was dramatic: 57% of businesses reported higher to significantly higher cloud usage due to the pandemic.

Fast forward to early June. While the heroic efforts to distribute workforces are a great success story, businesses are now beginning to consider when, how and how many people to integrate back into the office environment. Regardless of the outcome of those deliberations, the substantial increase in the use of cloud services and SaaS, by both office and home workers, requires an immediate focus on reassuring security policy and best practices. This focus is especially important as during the first quarter of 2020. The impacts of the pandemic are many.

Cybercrime Seeks Opportunistic Moments

With the increase in remote worker population, a primary cyber-crime opportunity becomes finding the hole in remote access security. With dwell time (the time a threat stays in a network before being discovered) averaging 43 days for ransomware attacks, cyber criminals can also be very patient, lying in wait for an employee device to reconnect to the corporate network directly. Infected by bots, malware and other cyber-threats during remote work due to the pandemic, both the COBO and BYOD devices can be latent gateways to the corporate network and increase the risk of a cyber-attack, ransomware, etc. Prior to giving returning employees direct access to the corporate network, several steps can be taken to reduce risk:

  • Reeducate employees and staff about threat avoidance in remote access scenarios.
  • Assure all patching, OS updates, AV updates, etc. are certified complete before directly reconnecting to the network.
  • Consider creating a corporate subnetwork for initial reattachment of COBO devices. The business may also want to consider not allowing connection of BYOD to the direct network until it can be determined the devices are 100% threat free.
  • Assure firewall policies are reviewed and updated.
  • Institute or upgrade endpoint monitoring. Audit logging and SIEM are examples of cloud-based and network-based monitoring, respectively.
  • Review your Cyber-Insurance. It is inevitable that business risk will increase as employees migrate back to direct corporate network access. Assure that your Cyber-Insurance covers any downtime or legal ramifications associated with a Cyber-Attack.
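
The patch-verification and reattachment-subnet steps above can be enforced as an admission check at reconnect time. The sketch below is an added example, not part of the original post: the thresholds, segment names, device fields and sample inventory are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional, Tuple

# Assumed thresholds and segment names (hypothetical, not from the post).
MAX_PATCH_AGE = timedelta(days=30)
MAX_AV_SIG_AGE = timedelta(days=3)

@dataclass
class Device:
    name: str
    ownership: str                      # "COBO" or "BYOD"
    last_os_patch: Optional[date]       # None = inventory has no record
    av_signatures: Optional[date]
    full_scan_clean: bool = False
    manually_cleared: bool = False      # security team sign-off (BYOD)

def posture_failures(d: Device, today: date) -> List[str]:
    """List failed checks; missing data counts as a failure (fail closed)."""
    fails = []
    if d.last_os_patch is None or today - d.last_os_patch > MAX_PATCH_AGE:
        fails.append("os_patch_stale_or_unknown")
    if d.av_signatures is None or today - d.av_signatures > MAX_AV_SIG_AGE:
        fails.append("av_signatures_stale_or_unknown")
    if not d.full_scan_clean:
        fails.append("no_clean_full_scan")
    return fails

def admit(d: Device, today: date) -> Tuple[str, List[str]]:
    """Return (network segment, reasons) for a device asking to reconnect."""
    fails = posture_failures(d, today)
    if d.ownership == "COBO":
        # COBO devices land on the reattachment subnet until every check passes.
        return ("corporate", []) if not fails else ("reattach-subnet", fails)
    if d.ownership == "BYOD":
        # BYOD stays off the direct network unless checks pass AND it is cleared.
        if not fails and d.manually_cleared:
            return ("corporate", [])
        return ("guest-only", fails or ["awaiting_manual_clearance"])
    return ("deny", ["unknown_ownership"])      # anything unclassified

# Constructed sample inventory for illustration.
TODAY = date(2020, 6, 26)
FLEET = [
    Device("lt-001", "COBO", date(2020, 6, 20), date(2020, 6, 25), True),
    Device("lt-002", "COBO", date(2020, 3, 1), None, True),
    Device("ph-101", "BYOD", date(2020, 6, 22), date(2020, 6, 26), True),
]

if __name__ == "__main__":
    for dev in FLEET:
        print(dev.name, *admit(dev, TODAY))
```

The returned reasons are worth forwarding to the monitoring pipeline, so that devices stuck on the reattachment subnet are visible rather than silently parked.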

Building Cloud Native Security and Zero Trust

There is a difference between endpoint protection and cloud or workload protection. A compromised endpoint threatens only a small amount of data, whereas an attack on a cloud-based asset (workload/server) can have much greater repercussions. If you haven’t done so already, assure your organization has deployed or is considering CWPP, workload-centric security protection, defined by Gartner as: “workload-centric security offerings that target the unique protection requirements of workloads in modern hybrid, multi-cloud data center architectures.” As cloud services and SaaS have become primary to network and IT, network-based security alone is no longer adequate. The network perimeter has stretched from the physical boundaries to the device boundaries, and ubiquitous access means the perimeter has changed from known to dynamic.

CWPP is actually part of the zero trust architecture. The framework for Zero Trust originated in 2010 (Forrester Research). In networking, Zero Trust moves the network from “trust but verify” to “always verify and never trust.” When all data was contained on the corporate network, access was tightly regulated, and firewalling provided a known and strong perimeter; almost anything on the network was known and didn’t pose a threat. Cloud services have expanded storage locations, increased ways to access, and changed identity management requirements, making the task of determining actual threats on today’s hybrid network a more complex and riskier matter. That’s where zero trust comes in: micro-segmentation, application behavior and visibility, multi-factor authentication and least privilege are core tasks of zero trust, providing a potential solution for today’s network security requirements. 78% of IT teams are considering zero trust as they face the reality of reestablishing pervasive security beyond the historical network.

Balancing growth and security as cloud services and SaaS replace traditional networks and applications is becoming a significant challenge for business IT and security. Addressing those challenges, while assuring compliance and data protection, is best supported by partnering to share design, best practices and experience. If your business is reconsidering its cloud security practices, workload security, or the implications of zero trust on SaaS or Cloud environments, Otava can help. Consider our secure, compliant cloud solutions managed by a team of experts trained in the latest security best practices. Call 877-740-5028 or contact us to learn more.


© 2024 OTAVA® All Rights Reserved