In response to the rapid rise in remote work, cybersecurity teams have increased their efforts to protect their dispersed team’s cyber hygiene. The rapid rise in remote work to protect the health of employees has required cybersecurity teams to scale their efforts to similarly protect the cyber hygiene of these workers as they operate in new conditions. One of the key directives for cybersecurity departments looking to safeguard the people and data within a distributed enterprise is the implementation of cyber defenses that can move with employees and protect them—regardless of their location or device.
This is particularly important as employees' struggle to juggle work demands, family and homeschool duties, and a new office environment. Not to mention, the looming stress about today's uncertain global conditions. What results is distracted employees who are more likely to be fooled by a cyber scam or phishing attempt than they would be back at the office.
In a nutshell, organizations need support from cybersecurity departments to ensure that there's an adequate backstop to protect their people. A comprehensive and effective approach to protecting people while they work from home will prevent malware and phishing, keep attackers at bay and minimize any insider threat.
Stop malware and phishing
Unfortunately, attackers like to prey on a distracted or manipulatable workforce. These bad guys have heightened their efforts to barrage employees with phishing attempts and malware campaigns in order to take advantage of the situation wrought by the global health crisis. Google Analytics has reported that phishing attempts have more than tripled in recent months, and numerous security research sources have shown that phishing attacks with misleading but topical content related to government aid and face masks are pouring into global inboxes. Organizations must make sure that, if a remote worker accidentally falls for a phish or encounters malware, a system exists to automatically block data transfers from their device, preventing breaches or other fallout.
Keep attackers out
While every security vendor checks for phishing and malware attempts via web security, companies should be reassessing in order to ensure that these defenses scale well outside of headquarters. Security teams should be thinking about how they can block would-be intruders automatically by leveraging cloud-deployable solutions that ensure that people are always protected as they use web content, email, and cloud apps from anywhere.
Ideally, the solution should include advanced tools that also handle targeted attacks. For example, advanced malware detection engines that can sandbox advanced attack attempts and trigger reduced privileges for a machine. Proactive security automation will go long way toward reducing the risk of hidden attackers who’d try to use employee machines to move laterally through the network.
Minimize Insider Risk
Finally, with so many employees spread out around the globe, it can become more difficult for organizations to track and minimize insider threats. Newly remote workers could potentially be using their access to corporate resources inappropriately—whether for malicious reasons or just careless expedience. In any event, these policy violations increase the organization’s risk of attacks and costly data leaks. Organizations should be looking to utilize automatic user-behavior monitoring solutions to locate risk early so that they can take action and immediately flag unusual activity, while giving security teams visibility into emerging risks.
For six actionable tips to help you scale your security strategy to protect people and data everywhere, watch this webcast: Keeping Remote Workers Safe and Your Work Secure.