3 Tips for Security in the Remote Work Era

When the COVID-19 pandemic forced the nation into remote work mode, many organizations found out just how resilient their business continuity plans were—if they had one. This crisis has demonstrated the importance of the ability to quickly and seamlessly switch to work from home models.

Understandably, critical applications need a rearchitecting to be resilient in the face of unexpected change while maintaining the right security posture to protect valuable data, guard against threats and adhere to compliance obligations. The following top three considerations are important for every organization, large or small, across every market segment in today’s remote work environment. Organizations can put these steps into action immediately.

Safeguarding Collaboration and SaaS Apps

Regardless of whether an enterprise is directly embracing SaaS, users are self-selecting shadow IT tools to get their jobs done. With the shift to teleworking, the reliance on SaaS and its ubiquitous access will only grow. For example, it’s easy to appreciate the value of file sharing and cloud storage applications such as SharePoint, Google Drive or Box. Even if the corporate network and local folders are unavailable, it’s easy to upload and share files. And this can easily be extended beyond employees to partners or suppliers and even customers.

But how do organizations manage their cloud security? Visibility and control mechanisms must be put in place to address SaaS. Cloud access security brokers (CASBs) provide this critical technology, which analysts call out as an “essential element of any cloud security strategy.” CASB allows customers to understand their SaaS traffic, protect valuable data, guard against threats and ensure compliance objectives are met. Depending on the deployment, CASB can even provide visibility on that unsanctioned application traffic so policies can be put in place to shore up potential risk points.

Especially in the age of remote work, APIs provide critical insights on application use without the need for intercepting traffic—for example, using a proxy or installing endpoint agents. These APIs provide a wealth of intelligence to discover SaaS activity including who are top users, what’s being uploaded, where it is going, whether there are any risks or risky activity and more. They can also be used for remediation steps such as changing permissions so that a sensitive file is not visible to the public from SharePoint, or using built-in threat scanning technologies to identify malware ahead of costly damages or broad propagation from a Box folder.

Claroty

How can you make sure your SaaS applications aren’t compromised? How do you protect who gains access beyond just simple login-password combinations? That leads to the next point, which is applicable to both email and an organization’s critical SaaS apps.

Make Use of Multi-Factor Authentication

During the RSA Conference 2020, an engineer from Microsoft reported that “99.9% of the compromised accounts they track every month don’t use multi-factor authentication (MFA).” To put this data in context, Microsoft monitors more than 30 billion logins per day and more than a billion users. On average Microsoft is seeing roughly 1.2 million accounts getting compromised each month. And what’s most shocking, across enterprise accounts, only 11% had MFA solution enabled.

Compromised user accounts and passwords account for many of today’s most damaging security breaches. Whether bad actors collect these credentials via sophisticated phishing email scams or brute force attacks, without two-factor in place they can easily gain unfettered access to move laterally across the network and applications to wreak havoc.

This has accelerated the adoption of two-factor authentication. Two-factor or multi-factor authentication, achieved through physical hardware or mobile application tokens, increases the certainty of the identity of users as they enter the network. Multi-factor authentication is widely available, but organizations need to enable it and make it mandatory for their employees. And just like with the recommendations for email and SaaS applications already mentioned, multi-factor provides a key complementary technology to bolster security across these two critical environments.

Defend Your Inbox

Email needs to be reliable and accessible but also protected. Many organizations have come to rely on native functions for email security, but they don’t always measure up. The deluge of email-based threats will continue and probably spike during this period. The bad actors will take advantage of the confusion through their social engineering tricks and other exploits. Given the threat of phishing attacks, business email compromise and/or the latest ransomware, IT and security leaders need to protect their remote workers’ inboxes more than ever.

Remote workers are likely to connect to business applications not just from company-managed devices, but also from personal or unmanaged devices such as smartphones or tablets. Stopping the email threats on the mail server or in the cloud before it gets delivered to the user is imperative. Taking smart steps to avoid credential theft will be key. The same goes for protecting valuable data before it potentially leaves the organization.

Making Agility Secure

Organizations that have shifted to remote work need to ensure their employees are enabled with business-critical applications in a way that doesn’t increase cyber risk. By securing email traffic and SaaS applications, as well as adding the critical element of multi-factor authentication, organizations will overcome the current risks associated with working from home. And, as employees return to the office, they will also increase their security posture and productivity.

Avatar photo

Lior Cohen

Lior Cohen is Senior Director of Products and Solutions – Cloud Security at Fortinet. He has over 20 years of experience working in the information security, data center network and cloud computing spaces. Lior serves as Fortinet’s lead for cloud security solutions with a focus on securing enterprise public cloud-based deployments and private cloud buildouts. Lior previously held a variety of vendor and customer side positions in the cloud security space, including cloud solutions architect, information security consultant and subject matter expert for SDN, virtualization and cloud networking for leading industry vendors.

lior-cohen has 3 posts and counting.See all posts by lior-cohen