Cyber Security

Future proofing endpoint security in light of COVID-19 work disruptions

The COVID-19 pandemic has forced businesses to quickly rethink the way they operate. As organisations continue to grapple with on-going business disruption, working from home is quickly becoming the new norm for many employees. Business leaders are now beginning to witness the positive impact that a remote workforce is having on the bottom line.

In fact, a new study conducted by Gartner revealed that 74% of CFOs expect to move at least 5% of their previously on-site employees to permanently remote positions post COVID-19. The dramatic rush to remote working has created additional cybersecurity threats, and the need to secure the corporate ecosystem has never been more important.

Mitigating the security risks of a dispersed workforce

With the businesses shifting their operations from the office to the home, remote working does come with its risks. For instance, the risk of an employee connecting to an unsecure network, or an employee using a personal device for work purposes are all drastically increased. Additionally, the risk of an employee indadvertedly or purposefully sharing a company’s confidential information also increases. These factors all provide bad actors with more avenues into the corporate network infrastructure.

Businesses need to focus on employee awareness and behaviour during this period of time. Unfortunately, this work from home dynamic is creating ever more opportunities for cyber criminals who are seeking to exploit people’s anxieties during this pandemic. A recent report found that phishing emails have spiked over 600% since the end of February, with the majority looking to capitalise on people’s fears, using terms such as “COVID-19” to draw-in unsuspecting victims.

If employees aren’t vigilant to these new threat vectors, they can put their organisation’s entire network at risk. It’s now more essential than ever for businesses to review their security systems, so that they can ensure that the workforce is empowered to work safely from home – without jeopardising the security of the enterprise.

Create a strong foundation

The first, and most critical, step for businesses to mitigate security risks and ensure a seamless transition to remote working is to enroll all user’s devices that will be used to access business data in a unified endpoint management (UEM) platform. Businesses should choose an UEM platform that allows for the provisioning of any device, in order to accommodate both corporate issued devices and employee’s personal devices. By doing so, it allows IT departments to gain visibility over all end points that are being used to access sensitive business data and mitigate any threats from afar.

Partitions can also be created to accommodate two distinct uses of a device: the work persona and the personal persona. This allows the employee to have full access over the personal side of the device, while the work side is kept separate and protected from threats that may derive from an employees’ personal activities.

Empowering employees with remote protection

Another significant step businesses should take to ensure employees work securely from home is to deploy a threat detection tool. This protects the device and its data from threats at an application, device and network level from leaky or malicious software and from phishing attacks, even when the device is offline. It also works to immediately remediate potential threats and breaches by instantly notifying users, or by taking action to quarantine a compromised device.

With UEM and threat detection systems, IT departments are able to track the security status of their employees’ devices and their critical information such as operating system versions and applications. If a threat is detected and the user needs to retire a device, unenrolment can be initiated instantly. In the event of a device becoming compromised, IT teams can also quickly wipe business related applications to remediate any risks.

This can be remotely managed by IT departments and does not allow users to modify or remove the threat detection tool from their own device. The additional layer of security reduces the burden on the end user whilst empowering employees to continue being productive from the comfort of their own home.

Remote working: the new norm?

As businesses look to help their employees navigate through the world of remote working, both have critical roles and responsibilities in securing organisations and ensuring cyber threats do not further disrupt the work environment.  It’s unclear how long forced lockdown will go on for, but it’s vital that those organisations without a remote working policy create one quickly to scale their arrangements and accommodate the unique problems working from home presents.

Cyber criminals are already exploiting the relaxed security measures brought about by this sudden shift to remote working. With many employers now evaluating the medium to long-term benefits that a remote workforce brings, it will be interesting to see if this dispersed way of working will become the new normal even once restrictions are lifted.”

By Brian Foster, SVP Product Management, MobileIron