Protecting remote workers with strong endpoint security isn’t a luxury – it’s a necessity. Traditional antivirus solutions are no match for today’s advanced threats, and for many employees, work is no longer confined to an IT-issued laptop or corporate network. In addition, organizations and agencies around the world moved to work-from-home policies in 2020, which has required them to enable and support remote staff on very short notice.
With fall approaching and no end to the global COVID-19 pandemic in sight, many work-from-home programs may last well into next year. With that in mind, here’s a step-by-step checklist of what you can do to protect your remote workers with strong endpoint security.
Remote Workers: The New Reality
The personal and business response to the coronavirus and COVID-19 pandemic means that we have a massive remote workforce like we’ve never seen before. For many organizations, work from home may become standard for the foreseeable future as organizations face the reality of adapting to new ways of conducting business.
It’s been challenging for many organizations to figure out how to keep things running smoothly in this new model. Unfortunately, remote computing has also exposed many organizations to a security risk they may not have fully understood or dealt with before.
The remote workforce means there are now many more employee workstations sitting outside of the corporate or enterprise network. There are millions of employees and contractors connecting to their employers’ networks via home networks with no firewall protecting them. At the same time, security teams are being asked to maintain 24/7 monitoring and visibility while working remotely themselves.
Unfortunately, threat actors are taking advantage of this situation. They are using phishing attacks and fake coronavirus maps to lure users into unknowingly exposing corporate credentials or downloading malware and ransomware. We’ve seen public health sites hacked and embedded with malware. Researchers at DomainTools issued an alert about a malicious Android app pretending to warn users about people infected with COVID-19 in their vicinity.
All organizations and agencies can be a target for cyber attacks. Ransomware is strictly about financial gain, and every organization is an equally viable target. Threat actors can also take over any unprotected devices – especially personal devices – and wait until they are reconnected to the corporate network to launch a broad takeover for ransom.
Six Endpoint Security Controls for Remote Workers
Here are six things you can do to protect your remote workforce.
- Implement endpoint security beyond traditional antivirus.
Modern endpoint detection and response (EDR) solutions are designed to operate outside the enterprise network. These solutions prevent non-file-based attacks in addition to malware and enable you to detect threats faster than traditional antivirus solutions. They also give you the ability to initiate immediate response actions, such as preventing new malware from running or removing malware from systems. If you’ve been putting off an upgrade, now’s the time to consider next-gen EDR to get full visibility for all endpoint devices, off or on the network, and ensure strong endpoint protection.
- Implement Multi-Factor Authentication (MFA) or Two-Factor Authentication (2FA) for all applications.
Have you enabled MFA or 2FA for internal applications and your enterprise virtual private network (VPN)? Do you require MFA for external applications like Microsoft Office 365, cloud enterprise resource planning (ERP) solutions, cloud customer relationship management (CRM) platforms, corporate social media accounts and others? If not, make it a priority to do so immediately.
- Use a VPN for users who need to connect to critical internal systems.
Many corporate departments like Finance and Human Resources may be handling sensitive data outside the physical office now. Employees who are still traveling for urgent or mission-critical business may be working from a coffee shop or hotel on their mobile devices. Requiring them to use a VPN will ensure that data stays private and that these systems are not exposed externally. It’s important to segment who’s allowed to access what over the VPN and make sure employees have the corporate network access they need. The DHS Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance on VPN use specifically in response to the pandemic.
- Keep up to date with patches.
Don’t let the craziness slow down your patch management program. Now, more than ever, systems and software need to be up to date. All software is vulnerable, whether it’s on a laptop, server, a chip within a firewall or an app on a phone. It needs to be patched on a regular basis to remain secure, work properly and protect employees from cyberattacks.
- Ensure you have 24/7 security monitoring coverage and capacity.
Today’s threat landscape requires eyes on your network security, cloud apps and infrastructure and endpoints 24/7. Employees are often working outside of normal business hours, on personal devices. If you’ve got next-gen EDR solutions in place, it takes a lot of expertise to determine what system processes or alerts are typical and benign, filter out false positives and quickly respond to actual threats.
A pandemic situation like we’re in now is straining the resources of security operations teams that were already stretched thin. This is making it harder than ever to manage endpoint security while keeping up with the other logistical challenges.
At Motorola Solutions, our 24/7 security operations center (SOC) is staffed with experts on a variety of endpoint platforms. Our team handles endpoint compromises daily and is well-versed in how to respond when a known ransomware exploit is in progress, or even when a suspicious process that’s commonly used as a staging point for an additional attack is quietly placed on an endpoint device.
If you’re concerned about protecting your remote workers and keeping your data secure, get in touch to learn how we can support your in-house team with broader expertise and expanded coverage.