Oct 23 2020

3 Ways IT Departments Can Get a Handle on Remote Security

A proactive approach that focuses on employee training, endpoint visibility, and staying a step ahead of threats will help IT teams keep remote networks safe.

Remote work has changed nearly every aspect of the working world, security included. Growing numbers of endpoints and increased security threats can seem overwhelming for IT departments seeking to keep their organizations protected.

However, keeping track of the state of security is less challenging than it seems, as long as businesses take a fresh approach.

During a recent roundtable, CDW security experts discussed the challenges facing security-minded IT teams and offered suggestions on how to keep a step ahead of risks as the attack surface becomes larger than ever. 

1. Improve Remote Worker Training

With an increasing number of people working remotely — and often dealing with the potential of threats targeting their local networks — improving staff training and education efforts is key, said Jeremy Weiss, cybersecurity practice lead for CDW.

“We’ve always seen this evolution of training our users to be looking for spam attacks and stuff along those lines,” he said, “but they don’t know how to actually defend things on a foreign network or on a home network. That’s really an area where you’re making sure that user awareness and user education needs to be at the forefront.”

Weiss added that many of these workers have had limited access to remote work in the past, logging in only periodically to check emails or complete quick tasks. As a result, they may not be aware of the security requirements that come with remote work.

This means “taking that step back and making sure that they are aware and educated on how to utilize different tools and … be more effective as well,” Weiss said.

2. Improve Your Visibility into Remote Endpoints

In an office environment, it’s fairly simple to limit the amount of access that an external device has to a given network through traditional endpoint security measures. This can be more difficult in a remote environment, but it’s possible, said CDW Cybersecurity Practice Lead Ziyad Roumaya.

“I feel like our customers sometimes forget about the remote endpoints that they have out there, and I think it’s extremely important that they start looking into some visibility aspects of that, and they can do that a number of different ways,” he said.

Experts discuss what businesses should prioritize for remote work security.

Roumaya suggests that customers start with firewall VPN agents, which allow companies to do posture checks and offer ways to gain visibility into how the network is being used.

“We also implement a lot of [network access control] solutions to gain visibility and posture as well so we can do posture checks for devices that are connecting into the VPN environment,” he said. “We can also rely on some of our next-generation endpoint solutions to help with that.”

3. Take a Proactive Security Approach

With a larger potential attack surface, it’s important to move past a defensive posture and take a proactive security approach, explained CDW Cybersecurity Practice Lead Jeff Falcon.

“This doesn’t just mean taking a vulnerability snapshot from a set of external-facing IPs or just conducting a wireless internal segmentation assessment,” he said. “This is really a comprehensive snapshot of everything that's happening: all remote connections, all critical assets, users that are connecting to remote systems from various locations around the globe.”

One strategy Falcon suggests is using threat-hunting workshops to determine how a malicious actor might break into a system.

“Threat hunting workshops are a great way to engage a partner, or even proactively on your own prescribe those exercises where you’re going to find those areas of vulnerability within the organization as if it were an actual determined adversary,” he said.

iBrave/Getty Images