The world is rapidly changing, and the evolution of technologies opens new ways to do business, where physical presence may not be a mandatory requirement for many jobs.
COVID-19 has expedited the process, where 88% of the organizations have requested or supported its employees to work from home during the pandemic.
By Diego Souza, Global Deputy CISO, Cummins Inc.
However, this not so newly created way to work has brought new challenges to the organizations to provide an adequate level of support to its employees aligned with security concerns in how to protect their data and system in this new extended work environment.
Security leaders had to scratch their heads to provide quick security controls to support the business and enable the work from home opportunity. Focusing on the security aspect of this challenge, security leaders should consider the following:
1. It is a non-trusted environment, and a zero-trust approach is mandatory. Most, if not all, the organizations do not have the luxury to provide security support to their home users’ network, making it unpredictable to validate the security configurations and controls in place. Security leaders need to have that in mind when planning to provide controls for network extension, especially if they do not trust that the environment has the minimum security requirement to establish a connection.
2. Reliable identity and access management controls became non-negotiable requests to enable the work from home business capability. Since the user is still the weak link in the process, leveraging multifactor certification-based authentication is imperative for controls to be in place. Enforcing system strength password configuration helps the organization to avoid having to deal with a weak user’s authentication keys, as a recent report from a security organization states that employees are reusing one password an average of 13 times, and 80% of the breaches are related to password issues.
Security Leaders must also pay close attention to least privilege access, ensuring users will only have access to what is required for their job, reducing the risk of attackers leveraging users’ access to make lateral moves into systems due to overprivileged access rights.
3. As previously mentioned, securing the source of the connection may be a challenge to almost all organizations. It is nearly impossible for business leaders to identify whether an employee is using their local wireless connection from home or a public Wi-Fi connection at a coffee shop. Hence, ensuring the privacy of the links becomes yet another mandatory requirement to enable the work from home capability. Many organizations rely on traditional VPN solutions, which create a secure point-to-point connection with encryption to protect the communication from a non-authorized actor.
Traditional VPNs do have some challenges, such as sub-nets conflict, substantial firewall opening challenges, routing problems, and others; however, it is still worth having. The connection of privacy is imperative to any organization that cares about their data protection. The good news is that there is a new technology, the next-generation VPN, where the connectivity to the business network is managed via a cloud service provider. The CSP transfers the responsibility of securing the source connected to them and delivering to business in a segmented channel, a unique connection to a specific application as pre-configure. For organizations looking to enhance their connection protection, this new technology could be a good option instead of the traditional VPN solutions.
4. You only protect what you can see. This is a classic quote within security organizations. Placing strong visibility and monitoring solutions are critical to any business that wants to ensure that non-authorized people are caught if they bypass the security controls in place. It goes from the traditional IDS (Intrusion Detection Systems), IPS (Intrusion Prevention System) to the most modern SOARs (Security Orchestration, Automation, and Response) and UBAs (User Behavior Analytics) solutions implementation. It is also important to highlight that any security application will be as good as the quality of the data it ingests.
Increasing visibility over remote connections is a critical path for cybersecurity organizations in order to provide appropriate response to any security incident or event. To perform their day to day job, employees from remote locations connect to the business network. It is imperative to have visibility into how they interact with your system and to have the ability to identify abnormal behaviors quickly.
As we see, enabling the business to expand its capability beyond its traditional network via remote access for users is not a simple plug and play activity. Cybersecurity organizations must be closely aligned with the business objects and ensure that all necessary controls are in place to safeguard the company and employee data, as assets in this new work environment are increasing exponentially due to the current pandemic of COVID-19. It is clear that working from home is not a palliative measure, but it is a new business model, which is not going anywhere, and is here to stay.
About the Author
Diego Souza is the Global Deputy CISO – Cummins Inc. He is a savvy business executive with over 18 years of experience delivering innovative Cyber Security solutions and leading sizeable global cybersecurity teams such as United Airlines and General Electric. Souza is a thought leader very adapted to safeguarding the confidentiality, integrity and availability of corporate data, information systems and operational technology.
CISO MAG did not evaluate/test the products mentioned in this article, nor does it endorse any of the claims made by the writer. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same. CISO MAG does not guarantee the satisfactory performance of the products mentioned in this article.