The rapid switch to remote work in the wake of COVID-19 has created new security risks for organizations. However, in many cases, companies have not adapted their security policies to account for these new potential cyber risks and attack vectors.
One of the biggest security issues is the failure to implement zero-trust network access (ZTNA) for remote workers. Deploying secure access service edge (SASE) enables an organization to achieve efficient, secure remote access with integrated access management, reducing the threat posed by the growth in remote work.
The Rise of Telework
The COVID-19 pandemic forced many organizations to swiftly transition to a mostly or wholly remote workforce. In order to comply with quarantine orders while remaining operational, these companies often switched from in-house to remote work within a matter of days with little or no preparation.
Many of these organizations did not have a large-scale telework program previously in place with all of the resources and policies that it requires. As a result, many remote employees are working from personal devices, and corporate security policies and procedures have not been updated to reflect the new working conditions.
Telework Introduces New Security Risks
Many jobs can be performed effectively from home, and, in many cases, teleworkers have demonstrated a higher level of productivity and efficiency than on-site workers. However, these remote employees are operating in a very different environment than when they worked from the office.
Teleworkers share many of the same security risks as on-site workers. However, widespread telework also introduces additional security risks due to remote employees’ unique situations, such as:
- Direct Internet Connectivity: When working from the office, all of an employee’s Internet traffic passes through the enterprise network perimeter, allowing it to be scanned by the enterprise security stack. For remote workers, the limited scalability of virtual private network (VPN) solutions has resulted in the use of split-tunnel connections, where some of an employee’s network traffic goes directly to its destination without security scanning. This increases the probability that a remote worker’s machine will be infected and used to attack the enterprise network via its VPN connection.
- Lack of Corporate Security Solutions: Due to a lack of company-owned systems, many remote employees are working from personal devices. These devices are unlikely to have the corporate antivirus and other security and monitoring solutions installed, making them more vulnerable to attack.
- Lax Security Policy Enforcement: For on-site, company-owned systems, many organizations have policies in place mandating configuration settings, regular updates, etc. With remote workers, these policies are less likely to be enforced, increasing the probability that remote workers will be using systems with exploitable vulnerabilities.
These are only some of the risks introduced by a mostly or wholly remote workforce. These, and other potential issues, create an environment where employee machines are much more likely to be compromised by cybercriminals than if employees were working from the corporate office.
Companies Are Not Managing Remote Cyber Risk
In many cases, an organization has limited control over the security of its remote workers. If employees are using personal devices for work, an organization likely cannot mandate the installation of corporate cybersecurity and monitoring solutions on them. However, even for devices owned by the company, where such restrictions are enforceable, 37% of remote employees claim that no restrictions are in place to prevent risky behaviors on the Internet.
What a company can do is limit the risk that these remote workers and their potentially compromised devices pose to the organization. If an attacker gains access to a teleworker’s machine, it is likely that they will use the employee’s access to attack the enterprise network. By limiting the systems and sensitive data that an employee can access, an organization can decrease the potential damage caused by these compromised accounts.
Accomplishing this requires a remote access solution capable of implementing zero-trust network access. ZTNA manages employees’ access on a need-to-know basis, allowing them to only access the systems and resources required by their job role. VPNs, the most commonly used remote access solution, do not provide ZTNA functionality. An attacker with access to a computer that has a VPN connection to the enterprise has unrestricted access to the enterprise network.
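The contrast described above, as an added example that is not part of the original article: a flat VPN reachability check beside a default-deny, role-based ZTNA check, run over the same connection attempts from one compromised account. The network range, resource names, roles and addresses are all constructed for illustration.

```python
import ipaddress

# Constructed sample environment (all names and addresses are illustrative).
CORP_NET = ipaddress.ip_network("10.0.0.0/16")
RESOURCES = {
    "crm":      ("10.0.10.5", 443),
    "payroll":  ("10.0.20.8", 443),
    "git":      ("10.0.30.2", 22),
    "db-admin": ("10.0.40.9", 5432),
}
# ZTNA policy: each role lists only the resources its job requires.
ROLE_GRANTS = {
    "sales":    {"crm"},
    "engineer": {"git"},
    "finance":  {"payroll", "crm"},
}

def vpn_allows(dst_ip, dst_port):
    """Flat VPN model: any address inside the corporate network is reachable."""
    return ipaddress.ip_address(dst_ip) in CORP_NET

def ztna_allows(role, dst_ip, dst_port):
    """Default deny: allow only exact (host, port) pairs granted to the role."""
    granted = {RESOURCES[name] for name in ROLE_GRANTS.get(role, set())}
    return (dst_ip, dst_port) in granted

def blast_radius(role, attempts):
    """Connections a compromised account could open under each model."""
    vpn = [a for a in attempts if vpn_allows(*a)]
    ztna = [a for a in attempts if ztna_allows(role, *a)]
    return vpn, ztna

# Constructed connection attempts from a compromised sales laptop.
ATTEMPTS = [
    ("10.0.10.5", 443),   # CRM, needed for the job
    ("10.0.20.8", 443),   # payroll
    ("10.0.40.9", 5432),  # database admin port
    ("10.0.30.2", 3389),  # unlisted port on the git host
    ("10.0.99.1", 445),   # host with no published resource
]

if __name__ == "__main__":
    vpn, ztna = blast_radius("sales", ATTEMPTS)
    print(f"VPN reachable:  {len(vpn)} of {len(ATTEMPTS)}")
    print(f"ZTNA reachable: {len(ztna)} of {len(ATTEMPTS)} -> {ztna}")
```

Under the flat model every attempt inside the corporate range is permitted, while the role-based policy leaves the compromised sales account with only the CRM connection its job requires.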
SASE Offers Secure Remote Access
SASE is a next-generation network technology designed to maximize the security and efficiency of the corporate WAN. SASE deploys a network of Secure SD-WAN solutions in the cloud, enabling full security inspection at each SASE point of presence (PoP) and optimized routing of traffic between SASE PoPs. This enables an organization to achieve optimal network performance and scalability without sacrificing network visibility and security.
One of the security features incorporated into a SASE PoP is ZTNA functionality. This enables an organization to easily restrict remote employees’ access to the corporate network based upon predefined roles, limiting the potential impact of a compromised teleworker’s computer.