The COVID-19 pandemic has made hybrid remote working the dominant model among professionals all over the world. Therefore, it’s essential for organizations to focus on endpoint security. By using the best endpoint security infrastructure, it is possible to protect remote workers from breaches while managing remote work. With a greater focus on flexible working methods, companies are creating and implementing policies that enable them to empower employees to work from their homes or other remote locations. What does good endpoint security look like in the era of remote and hybrid work?
Hybrid Model as the New Normal
The pandemic has forced businesses and workers of all kinds to operate from remote locations. While the shift to remote work was at first a temporary solution to prevent more people from being affected by COVID-19, remote working practices are still going and will continue for at least a while. Companies are more readily adopting the hybrid working model with half of their teams working from home and working with each other online.
Businesses face the tough challenge of managing their operations and figuring out new ways to boost their productivity. Companies must get creative about using their resources to support their remote access needs. The problem with remote computing is that it creates endpoint risks that companies may not have thought of or fought against before.
Millions of people now connect with their company through their home networks, without the protection of a firewall. Moreover, employers require security teams to monitor these systems while working remotely themselves.
Meanwhile, attackers try to take advantage of these endpoint risks. By making use of fake COVID-19 maps and phishing attacks, these criminals try to trick workers into disclosing their credentials and downloading apps like ransomware and malware. There have been numerous instances where attackers have infected public health sites with ransomware. Attackers make malicious apps for Android devices that pretend to alert people about others infected with COVID-19 who are close by.
Even small and mid-sized companies have faced attacks resulting from mass-level remote working. Ransomware attackers want money, and they’ll target both small and large companies to get it. Attackers can target unprotected devices, such as personal computers and mobile phones, and then use these devices to breach corporate networks. In this way, they can infect companies and demand large sums of ransom.
Endpoint Security for Remote Workers
Take a look at control measures that you can put in place to protect your remote workforce from possible breaches. These measures will also come in handy in protecting employees as they return to their corporate offices and corporate networks.
Endpoint Detection and Response
First, implement top-grade endpoint security that goes beyond the standard antivirus software.
The latest endpoint detection and response (EDR) solutions are meant to operate beyond the corporate network. Such solutions can stop malware and enable robust threat hunting. These endpoint protection systems can activate response actions right away, too. For instance, they can prevent new malware apps from installing and running. They can also remove malware from computing systems. If you have been thinking of upgrading your systems, it is important to work with state-of-the-art EDR and secure all the endpoint devices by gaining complete visibility on or off the network.
Virtual Private Networks
Next, use a virtual private network (VPN) while connecting to critical internal systems. A lot of corporate departments, such as human resources and finance, may be required to handle important and sensitive data while working from remote locations. Employees who need to travel for urgent business may need to work from a hotel or a café or use their personal smartphones to handle their operations. Therefore, they should use a VPN to protect all data, ensure privacy and prevent corporate systems from being exposed to outside threats. Companies should take steps to limit who gets access to what information over the VPN. Employees at the endpoint should have access to the information they need to do their work, and nothing more.
Use two-factor authentication (2FA) or multi-factor authentication (MFA) for all applications. While working with your company’s apps, you must implement 2FA or MFA for enhanced levels of security. Use them for diverse external applications such as cloud-based enterprise resource planning systems, Microsoft Office 365, cloud-based customer relationship management platforms and corporate social media profiles.
Keep Security Patches Updated
Poor patching is one of the major issues from which many companies suffer. Therefore, you should check for regular security updates.
24/7 Endpoint Security Monitoring Coverage
You must monitor your network security, endpoint security, cloud apps and all associated infrastructure around the clock. After all, your employees are going to operate outside their standard business hours. They are not going to use corporate devices all the time. Hence, it is crucial to deploy 24×7 security monitoring coverage.
As you start working with modern EDR solutions, it is essential that you determine which system processes and alerts are standard and which are not. You need to reduce the false positives as well as respond promptly to actual threats.
Remote Worker Endpoint Responsibilities: Wi-Fi Connections
Employees also need to do their part when working outside the office. The Wi-Fi systems that are used at home nowadays provide a basic level of security. However, the public Wi-Fi networks that are often used in public spaces, cafés and restaurants are not secure. Attackers looking to steal confidential information may target them.
A lot of people do not change the password they use for their home router once it has been installed. This leaves their home network vulnerable and is an overlooked part of endpoint security. The password should be a strong one so that attackers cannot simply guess it. Employees should also be asked to keep their firmware updated, as this can make it easier to patch vulnerabilities.
The most important step for anyone working from home or remote locations is to choose strong passwords. You should not use the same password for multiple accounts. If you do, all your accounts will become vulnerable once one account has been compromised. You should also not use the ‘remember password’ function when you access company-based apps and company information systems from your personal devices.
A firewall is a major form of endpoint defense that prevents attackers from getting into the company’s network. The firewall closes the ports between the internet and the devices used by the employees. It blocks malicious programs and unauthorized devices from entering the network to reduce the risks of a data leak. Usually, operating systems come with a built-in firewall, but you can also use hardware firewalls that come with the routers.
Along with using a firewall, you should strengthen security with the help of antivirus software. High-quality antivirus software with advanced features can detect and block all types of malware. It can protect networks and devices even when malware somehow gets into a device used by an employee. Remember to keep it updated.
Employees often need to send confidential company information to their fellow workers. In such cases, it is important to use the latest end-to-end encryption tools. The good thing is that a lot of messaging service providers these days offer an end-to-end encryption feature as a default.
In case employees have to work from a public space, it is vital that their devices always remain secure. In such cases, it is important for them to use a password for protecting their devices and content from unauthorized personnel. Implement a strict policy about using device passwords.
Phishing is a common security threat. Train your employees to detect and prevent phishing attacks and other methods of social engineering that involve remote devices. Remind them not to open suspicious emails and junk emails from sources they do not recognize, especially if they are told to click on some link and/or open a file. If emails are received from people they know asking odd things, they should be considered suspicious as well. Double-check emails with a phone call if there’s any doubt.
Endpoint Security Is Manageable
The pandemic is putting a lot of strain on the resources used for security operations. Companies are already stretching their resources to monitor online behavior and prevent possible threats. While it is true that there are some logistical challenges in putting endpoint security practices in place, they’re still very important. This is why companies should focus on getting in touch with endpoint security experts who can help them secure their many endpoints, wherever they are located.
Aritra Bhowmick is an experienced Information Security professional with 16 years of experience. His expertise is primarily in the information technology and...