With the sudden explosion in remote workers, security teams must monitor a new host of endpoint devices for malware, fileless attacks and a flurry of threats targeting remote users. Lack of visibility into remote user activity Resources: Find out how Cortex XDR provides the best protection available against endpoint attacks, and see how Prisma Access extends network protection to remote devices.ģ.
Limit corporate network access to only trusted devices (e.g., those who meet defined criteria through host information profiles). These solutions should block endpoint threats such as malware, exploits and fileless attacks, but also detect risky behavior, such as employees using unauthorized desktop sharing applications at home. Consider endpoint and network security solutions that are designed for geographically distributed workforces, such as cloud-native approaches. Recommendation : If you haven’t done so already, start by extending endpoint security – both endpoint protection as well as detection and response capabilities – to all of your remote users. With a geographically distributed workforce, they need to make sure they can install, manage and support security products remotely. Teams must ensure that these devices are protected against malware and viruses. This surge in new devices presents unique challenges for security teams.
Some organizations are allowing employees to temporarily use personal home devices for business purposes. Global “stay at home” policies have forced many organizations to purchase and ship new laptops and other devices to their newly remote workforce. Resources: Learn the 5 Steps to Zero Trust and extend this methodology to your remote access policies. These Zero Trust principles can help limit your exposure.
You can also reduce an attacker’s ability to move laterally through the network with network segmentation and Layer 7 access control, patching internal servers and clients and leveraging advanced threat prevention capabilities and antivirus to block exploitation attempts. Recommendation: It’s critical that companies enforce access based on user identity, allowing specific groups access to only what they need to get their jobs done, and expanding access from there on an as-needed basis. We’ve shared examples of this type of vulnerability being exploited by disgruntled former employees, and it can just as easily be exploited by attackers. The problem is that many legacy firewall rules enable access to practically everything in the network. Not so much the case anymore – VPNs are often encouraged for all users as a more secure connection than home or public networks. Historically, many companies deployed VPNs primarily for technical people needing access to critical technology assets. Once attackers get access to a virtual private network (VPN), they can often penetrate the rest of the network like a hot knife through butter. Here are five top security risks that teams must deal with, as well as technology and user education best practices to keep users and data safe: Security teams not only face the universal challenges imposed by this crisis, but must also overcome unique obstacles such as protecting a newly remote workforce and stopping pernicious attacks targeting remote users. COVID-19 has upended our way of life, and in doing so, has unleashed a Pandora’s box of new cyber threats.