Worldwide disasters have a way of bringing business continuity to the top of the list of priorities for enterprises. When a disaster also brings an increased number of remote employees, enterprises must take a look at how to secure the business while ensuring that remote teams have the access and flexibility they need to do their jobs well.
As remote teams grow, enterprises face an increase in the number of threats from hackers. Security teams now must examine the scope of the attack surface and the different tools and strategies they may need to employ to protect remote employees’ devices from threats. It’s a delicate balance between usability for remote teams and security that protects business continuity. Security teams can embrace three steps to help achieve the right mix:
Monitor Remote Access: Business continuity teams need to create a baseline of what normal activity looks like when employees access the corporate network from atypical locations and on devices used under a bring-your-own-device (BYOD) program. They will need to frequently monitor and update typical patterns in order to correctly identify anomalies.
Security teams used to be able to track a source IP address for authentication, but this may not be reliable in an era where employees are no longer restricted to a particular location. They will need to look at a variety of valid networks and accept that they will often examine what turns out to be a false positive.
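The baseline described above can be sketched as a per-user record of recently seen networks and devices. This is an added example, not part of the original article; the event fields, the 30-day window, the /24 and /48 grouping, the triage policy and all names are assumptions, and the login data is constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network
WINDOW = timedelta(days=30)  # assumed baseline lifetime; older sightings expire

class RemoteAccessBaseline:
    """Per-user record of the networks and devices seen in recent logins."""
    def __init__(self):
        self.seen = defaultdict(dict)  # user -> {(kind, value): last_seen}

    @staticmethod
    def features(event):
        # Group addresses by network so churn inside one valid network is not "new".
        prefix = 24 if ip_address(event["ip"]).version == 4 else 48
        net = ip_network(f"{event['ip']}/{prefix}", strict=False)
        return [("network", str(net)), ("device", event["device"])]

    def unfamiliar(self, event):
        """Features of this login not seen for this user within WINDOW."""
        known, cutoff = self.seen[event["user"]], event["time"] - WINDOW
        return [f for f in self.features(event)
                if known.get(f, datetime.min) < cutoff]

    def learn(self, event):
        """Fold a login into the baseline (normal, or cleared as a false positive)."""
        for f in self.features(event):
            self.seen[event["user"]][f] = event["time"]

def triage(baseline, event):
    """'ok': nothing new; 'note': one new feature, learned; 'review': both new, held."""
    new = baseline.unfamiliar(event)
    verdict = ("ok", "note", "review")[len(new)]
    if verdict != "review":
        baseline.learn(event)
    return verdict, new

def login(user, day, ip, device):  # builds one constructed sample event
    return {"user": user, "time": datetime(2024, 1, 1) + timedelta(days=day),
            "ip": ip, "device": device}

def run_sample():
    b = RemoteAccessBaseline()
    b.learn(login("dana", 0, "203.0.113.10", "laptop-01"))     # enrolment login
    sample = [login("dana", 1, "203.0.113.77", "laptop-01"),   # same home network
              login("dana", 2, "198.51.100.5", "laptop-01"),   # known device, new network
              login("dana", 3, "192.0.2.44", "phone-99"),      # both new: held for analyst
              login("dana", 25, "198.51.100.5", "laptop-01"),  # network learned on day 2
              login("dana", 40, "203.0.113.10", "laptop-01")]  # home network aged out
    return [triage(b, e)[0] for e in sample]
```

An analyst who clears a held login as a false positive would call `learn()` on it, which is how the baseline keeps tracking new valid networks.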
Improve Visibility: Remote teams make it more challenging for a security team to monitor and log network activity because employees may be using outside networks and utilizing devices that don’t log activity. While an enterprise may use anti-virus and endpoint detection and response tools for collection and monitoring of activity, inconsistencies in when and how those logs are sent can reduce visibility.
In addition, the visibility of the network is compromised by remote devices that aren’t connected to the virtual private network (VPN) and are not routed through firewalls and web proxies that would log activity. Security teams may miss important threat activity indicators like signs of web-based malware or data exfiltration.
Some enterprises are improving this aspect of remote teams by utilizing more cloud technology, which uses an “always on” approach to monitoring.
Update BYOD Policies: Enterprises are forced to weigh the convenience and cost savings of BYOD programs against the increased risk introduced to the network and systems. Some enterprises are using BYOD solutions that allow security software to be extended to remote devices, which also enables them to access security logs. Enterprises may also want to check devices for recent security updates and run anti-virus scans before allowing any device to access the corporate network.
Business continuity teams do not need to feel an overbearing tension between equipping employees with flexible access and prioritizing security. Through up-to-date BYOD monitoring practices and a close following of usage patterns, enterprises can securely support remote teams.
For more information about effectively managing business continuity while equipping remote employees for working anywhere, anytime, contact us at AMD Communications.