Connectivity for Remote Work
Is Remote Work Weakening Your Cybersecurity?
Like a lot of companies, you may have needed to allow for employees working from home, or some other location outside the office. While it might have seemed like a short-term, temporary arrangement due to the coronavirus pandemic, for a few reasons it looks like this situation could continue for some time, and may even need to become a permanent part of your workforce setup.
Is a remote workforce, working from anywhere, on any device, a security risk to your network? What can you do to make sure your network is secure, while also being agile and flexible enough to allow for remote workers? Is it possible to provide employees working from home (WFH) an easy-to-use yet secure connection to the corporate network? What about connecting from unsecured public Wi-Fi networks?
It might seem like an agile, work-from-anywhere corporate network doesn’t fit with high security protocols and a rock-hard defense against malware, data breaches, phishing and hackers, but it is possible. It just requires some thinking outside the [hardware] box.
And don’t ignore it just because it seems ‘too hard’. Poor security practices are increasingly common in the work environment with many businesses ill-prepared for allowing staff to work remotely, and hackers and other cybercriminals are taking advantage of the current vulnerabilities in security measures.
Don’t become a victim to a network attack, losing time and money through cyberattacks that can damage, destroy or leak sensitive information and company data.
SD-WANs with cloud-based cybersecurity
SD-WANs meet the challenge of allowing corporate IT teams to create very flexible networks that can accommodate a lot of different types of connections across teams, offices and remote workers that are geographically dispersed, across the country or overseas.
SD-WANs are a great improvement over traditional WANs in terms of functionality since they allow a lot of flexibility and automated rules and policies — for managing network performance, data security and cost — and are a great way to manage a decentralized corporate network.
When it comes to security, particularly relevant to this discussion on remote working, SD-WANs offer advantages not available with older types of corporate networks, particularly around ease of use for anyone accessing company data from a home network, or some other type of public internet connection or external endpoint.
The challenge is maintaining an acceptable level of security, while still allowing remote workers the flexibility to connect from anywhere, including their favorite coffee shop with the less-than-impressive public Wi-Fi connection that a 12 year-old could hack.
The good news is that you can create a security gateway that protects your network no matter where remote employees are connecting from, or what device they’re using, including personal devices (BYOD) such as laptops, tablets and mobile devices.
There are four specific areas that need to be looked at when configuring your corporate network security to make remote work possible, secure and easy to use for all end users.
1 - Secure the connection
Inseego cloud security protects your SD-WAN network connection with intrusion detection (and prevention), content filtering and policy enforcement and cyber threat detection from malware, ransomware, and spyware.
Particularly important for remote access, with employees potentially connecting from unsecured networks or devices, is protection against ARP spoofing (man in the middle attacks).
With a Virtual Private Network (VPN) connection, your network traffic is encrypted, even across public networks, and a secure firewall protects your data from outside hacker attacks.
Inseego offers organizations the ability to issue dedicated 5G routers that can be plugged into a remote working site, like an employee’s home, and provide a corporate-network experience, while still allowing the Wi-Fi to be used for personal internet use, such as browsing social media.
2 - Secure the user
Individual employees can be authenticated on the network using a variety of options including two-factor authentication (also known as multi-factor authentication) and behavioral logic to make sure the person logging in is verified to access your company network and view (or change) sensitive data.
User access can be specific to an application, or user role in an application. Erring on the side of caution, IT managers can grant ‘least privilege’ permissions, sufficient only for the employees’ work and what that employee needs to do their job.
With the flexibility of SD-WANs you can set in place temporary rules or policies that allow an option to work outside the country, for example, that is switched off automatically when the employee returns, or allowing contract workers temporary access. These predefined rules can be effective in making sure there is user access left open, once the requirement for access has finished.
As a practical measure, remind all staff to only use strong passwords, be wary of using password managers, use trusted antivirus software, and know how to spot phishing attacks or scams.
This should be included in your security policies and also included with staff security training, particular for those working from a home office.
3 - Secure the device
Whether employees use corporate-issued devices or personal devices (also called Bring Your Own Device, BYOD) they can be authenticated on an SD-WAN network.
As corporate work devices can be a stronger security option, particularly using Inseego Connect to manage all your devices centrally, this is preferred but personal devices can be accepted when combined with other authentication methods, and firewalls to block out potential cyberattacks, malware and other security breaches.
With personal devices, rules can be in place that limit the options the device has to interact with company data, including preventing downloads or changing data.
4 - Secure the applications
Over the years, we’ve seen an exponential growth in the number of web-based applications that companies are now using, and sometimes the line between personal use and corporate can be a little blurred. For example, employees may use corporate communication or collaboration channels, like Skype, Whatsapp or Zoom, for both company meetings and private chats, particularly if working from home.
This is where IT can deploy and secure third-party web-based apps for distribution, instead of employees using their own accounts. This ensures corporate apps are only used by legitimate and authorized employees, and strict usage policies can be enforced (to minimize any HR complications or embarrassing leaks). This should be part of your standard information security policy.
Applications, like Microsoft Office 365, can also be verified before accessing company data, without the time-consuming content filtering that needed to happen before SD-WANs were able to speed up the process, reducing latency and making third-party software a lot more usable for remote workers.
Making it safer for remote workers is good for business
It’s not just the benefits of protecting your sensitive company data from potential threats, which makes having a solid SD-WAN, robust remote work security and comprehensive cybersecurity the sensible option; it’s also about making your company a more attractive workplace for top talent.
The coronavirus pandemic has uncovered a significant number of professionals who enjoy the flexibility of remote work, and are keenly interested in continuing it post-pandemic, even if it means taking a pay cut.
By reinforcing your corporate security, even with remote workers and the new threats of outside network connections, you can minimize the chance of damaging network attacks and make your company a more attractive workplace for a growing number of remote workers.