June 30, 2020
6 Essential Security Considerations for the ‘New Normal’
As remote work becomes the norm, these practices can help organizations overcome new challenges.
We’ve also seen some unexpected benefits. Employers whom I speak with in my role at CDW report that they’ve seen higher levels of productivity and engagement from their teams. Free of the constraints of lengthy commutes and a rigid schedule, employees are now experiencing better work-life balance and are deriving more pleasure from their work. I believe that we’ve arrived at a new normal where remote work will become a standard arrangement for knowledge workers.
Both companies and employees will benefit from this approach. While employees can better balance their lives, companies will be able to reduce overhead expenses by consolidating and eliminating expensive physical offices. This work style comes with new cybersecurity considerations, and I urge organizations to adopt six key practices to adapt to our new working patterns.
1. Implement Next-Generation Endpoint Protection Solutions
One of the biggest changes that comes with remote work is that employee devices operate outside of the network perimeter that is established in an enterprise office. As a result, organizations can’t depend on network-centric security controls to protect them. Next-generation endpoint protection solutions defend devices no matter where they travel.
2. Maintain Remote Patching
Another consequence of devices not visiting the office is that IT staff can’t keep a close eye on them. Organizations that aren’t already deploying a comprehensive patch management solution should put this at the top of their list. Don’t just focus on the operating system, as application vulnerabilities can pose serious risks. Fortunately, many patch management solutions are capable of handling a wide variety of security updates.
3. Deploy Multifactor Authentication
Passwords are no longer sufficient to provide strong security. Password reuse, dump sites and cracking tools make passwords vulnerable to attack. Deploying multifactor authentication adds an extra layer of control so even when intruders steal a password, they still face another layer of authentication, blocking their access to the network.
4. Implement DNS Filtering
Ransomware and botnets continue to plague organizations across industries. Implementing DNS filtering is proved to block 91 percent of command-and-control traffic used by this malicious software, stopping it in its tracks.
5. Ramp Up User Education Efforts
Most serious security threats require some type of user interaction to succeed. Cybersecurity teams should ensure that end users understand the role that they play in protecting the organization against attack. One-time training just doesn’t cut it anymore — users need continuous education.
6. Seek Professional Assistance
Take the time now to work with CDW on an incident response playbook. CDW frequently helps organizations secure their remote work arrangements. Our solution architects can review an organization’s work-from-home security posture, help design internal security controls and conduct penetration testing to identify potential weaknesses.
We’re embarking on a bold new adventure. I’m excited about the opportunities presented by remote work and look forward to helping CDW clients navigate our changing work environment.