Today’s declaration of a global pandemic by the World Health Organization underscores what we are all coming to realize: that the COVID-19 disease, caused by a variation of the coronavirus, is going to cause a level of social and economic upheaval that is unprecedented in modern times. We are already hearing from our customers that they are facing sudden and profound challenges as they seek ways to quickly support corporate directives for employees to vacate offices and corporate campuses and start working from home. Maintaining security in the face of this global office exodus presents significant risks for most organizations.
Challenges of Quickly Adopting a Remote Workforce Model
Globally, 50% of employees are working outside of their main headquarters for at least 2.5 days per week, according to the latest International Workplace Group report. However, COVID-19 is challenging more — perhaps all — organizations to potentially embrace a remote work style immediately. Aside from the pressure this office exodus puts on IT teams, network architectures and even equipment suppliers, there are real cybersecurity challenges organizations need to consider.
Six key factors that can help ensure remote worker cybersecurity:
- Make sure you have a current cybersecurity policy that includes remote working. Strong security policies may already exist, but it is important to review them and ensure they are adequate as your organization transitions to having more people working from home than in an office. Security policies need to include remote working access management, the use of personal devices, and updated data privacy considerations for employee access to documents and other information. It is also important to factor in an increase in the use of shadow IT and cloud technology.
- Plan for BYOD (bring your own device) devices connecting to your organization. Employees working from home may use personal devices to carry out business functions, especially if they cannot get access to a business-supplied device as supply chains may slow down. Personal devices will need to have the same level of security as a company-owned device, and you will also need to consider the privacy implications of employee-owned devices connecting to a business network.
- Sensitive data may be accessed through unsafe Wi-Fi networks. Employees working from home may access sensitive business data through home Wi-Fi networks that will not have the same security controls — such as firewalls — used in traditional offices. More connectivity will be happening from remote locations, which will require greater focus on data privacy, and hunting for intrusions from a greater number of entry points.
- Cybersecurity hygiene and visibility will be critical. It is not unusual for personal devices to have poor cybersecurity hygiene. Employees working from home can result in an organization losing visibility over devices and how they have been configured, patched and even secured.
- Continued education is crucial, as coronavirus-themed scams escalate. The World Health Organization (WHO) and the U.S. Federal Trade Commission (FTC) have already warned about ongoing coronavirus-themed phishing attacks and scam campaigns. Continuous end-user education and communication are extremely important and should include ensuring that remote workers can contact IT quickly for advice. Organizations should also consider employing more stringent email security measures.
- Crisis management and incident response plans need to be executable by a remote workforce. A cyber incident that occurs when an organization is already operating outside of normal conditions has a greater potential to spiral out of control. Effective remote collaboration tools — including out-of-band conference bridges, messaging platforms and productivity applications — can allow a dispersed team to create a “virtual war room” from which to manage response efforts. If your organization’s plans rely on physical access or flying in technicians for specific tasks (e.g., reimaging or replacing compromised machines), it may be prudent to explore alternate methods or local resources.
Ensuring Security Across Your Remote Workforce
CrowdStrike is uniquely well-positioned to provide assistance to companies grappling with this sudden shift to a remote workforce for two reasons: One is that our cloud-delivered platform and lightweight agent architecture is ideally suited to supporting and specifically securing remote workers; the second is that we as a company truly “eat our own dog food” in this respect — we support a broad and widely dispersed remote workforce ourselves, so we have deep institutional knowledge of how to do so securely and effectively.
Below are several capabilities the cloud-native CrowdStrike Falcon® platform can give you to help make a rapid transition and ensure security as you move your workforce from office to home:
Harness the Cloud’s Scalability and Cost-Effectiveness. Architecture that is built for the cloud from the ground up flexes with the demands of customers and provides enormous storage and computing power to drive real-time protection, regardless of where your employees are connecting from. Working with a cloud security architecture ensures that additional resources can be provisioned as needed. And as you pivot to support remote employees, there is no need to plan, prepare and provision hardware and software to keep pace.
Gain the Highest Level of Security Regardless of Where Your Employees Are Located. Having a 100% cloud-delivered security architecture ensures that you can protect every workload everywhere, including workloads outside of the firewall, even if they are offline, and provide real-time security functionality with the highest level of efficacy along with compliance status information. Threat hunting across every device, especially those that are not on the network, is critical. Achieving this easily — with data accessible instantly and from anywhere — can only be accomplished with a native cloud-delivered solution.
Rely on Simple Security Architecture That Delivers Comprehensive Visibility. Knowing who and what are on your network is foundational to proactive security management. It is critical to have complete visibility of every device connecting to the network regardless of where it is connecting from. With CrowdStrike® Falcon’s single lightweight agent, there is no requirement to reboot to install; there is minimal impact on runtime performance; there are no “scan storms” or invasive signature updates to impact end-user experience; and users can be secured within seconds. The Falcon platform’s continuous and comprehensive workload monitoring and discovery give security teams full visibility of every device: This includes on-premises devices, remote office and home devices, and cloud workloads. This visibility also extends protection across containers and mobile devices.
Ensure Worry-Free Security With Endpoint Protection Delivered as a Service. With CrowdStrike Falcon Complete™, customers can entrust the implementation, management and incident response of their endpoint security to CrowdStrike’s proven team of security experts. The result is an instantly optimized security posture without the burden, overhead and cost of managing a comprehensive endpoint security program, freeing up internal resources to work on other projects. Falcon Complete is a 100% hands-off and worry-free endpoint protection solution that uniquely provides the people, process and technology required to handle all aspects of endpoint security, from onboarding and configuration to maintenance, monitoring, incident handling, and remediation, regardless of whether it is an on-premises workload or a remote worker.
The COVID-19 crisis is likely to be with us for a while. Organizations and their employees will be forced to make tough decisions rapidly, and enabling a remote workforce is one of those decisions. There are risks involved in accomplishing this at speed, but the security of your networks, devices and data shouldn’t be among them.
Your dedicated CrowdStrike experts
Call Infradata, an award-winning CrowdStrike Partner, for information on special programs for CrowdStrike customers who are dealing with massive surges in remote workers. CrowdStrike is committed to removing the friction that gets in the way of decisive action, and ensuring all users have access to the technology and expertise needed to operate safely, wherever they may be.
Michael Sentonas - 23 March 2020
Do you want to learn more about this subject, or do you have specific questions? Don't hesitate and reach out! Speak with a solutions expert or architect. Give us a call or leave a message. Our team of technical experts are ready for your inquiries.
Infradata is an award-winning CrowdStrike Partner and reseller. Our seasoned engineers deliver premium support and can execute projects on any scale.