Research Hub > 6 IT Security Considerations for the "New Normal"
Article
3 min

6 Essential Security Considerations for the ‘New Normal’

As remote work becomes the norm, these practices can help organizations overcome new challenges.

remote-work-security
Recent events turned our working lives upside down. With very little notice, millions of people around the world were sent home from their offices to suddenly adopt a remote work lifestyle. Four months into this adventure, most knowledge workers have adapted to working styles that replace conference rooms with video meetings and coffee chats with virtual happy hours.

Learn how CDW’s Amplified™ Security services can help you address the risks your organization faces.

We’ve also seen some unexpected benefits. Employers whom I speak with in my role at CDW report that they’ve seen higher levels of productivity and engagement from their teams. Free of the constraints of lengthy commutes and a rigid schedule, employees are now experiencing better work-life balance and are deriving more pleasure from their work. I believe that we’ve arrived at a new normal where remote work will become a standard arrangement for knowledge workers.

Both companies and employees will benefit from this approach. While employees can better balance their lives, companies will be able to reduce overhead expenses by consolidating and eliminating expensive physical offices. This work style comes with new cybersecurity considerations, and I urge organizations to adopt six key practices to adapt to our new working patterns.

1. Implement Next-Generation Endpoint Protection Solutions

One of the biggest changes that comes with remote work is that employee devices operate outside of the network perimeter that is established in an enterprise office. As a result, organizations can’t depend on network-centric security controls to protect them. Next-generation endpoint protection solutions defend devices no matter where they travel.

2. Maintain Remote Patching

Another consequence of devices not visiting the office is that IT staff can’t keep a close eye on them. Organizations that aren’t already deploying a comprehensive patch management solution should put this at the top of their list. Don’t just focus on the operating system, as application vulnerabilities can pose serious risks. Fortunately, many patch management solutions are capable of handling a wide variety of security updates.

3. Deploy Multifactor Authentication

Passwords are no longer sufficient to provide strong security. Password reuse, dump sites and cracking tools make passwords vulnerable to attack. Deploying multifactor authentication adds an extra layer of control so even when intruders steal a password, they still face another layer of authentication, blocking their access to the network.

4. Implement DNS Filtering

Ransomware and botnets continue to plague organizations across industries. Implementing DNS filtering is proved to block 91 percent of command-and-control traffic used by this malicious software, stopping it in its tracks.

5. Ramp Up User Education Efforts

Most serious security threats require some type of user interaction to succeed. Cybersecurity teams should ensure that end users understand the role that they play in protecting the organization against attack. One-time training just doesn’t cut it anymore — users need continuous education.

6. Seek Professional Assistance

Take the time now to work with CDW on an incident response playbook. CDW frequently helps organizations secure their remote work arrangements. Our solution architects can review an organization’s work-from-home security posture, help design internal security controls and conduct penetration testing to identify potential weaknesses.

We’re embarking on a bold new adventure. I’m excited about the opportunities presented by remote work and look forward to helping CDW clients navigate our changing work environment.

Mikela  Lea

Mikela Lea

CDW Expert
Mikela Lea is a principal field solution architect with CDW. She is a security engineer with 15 years of experience in technology and consultative sales, with an emphasis on security and e-commerce.