Remote Work – How to Protect from Cyber Attacks?

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently released a draft of its “Zero Trust Maturity Model” as US agencies are asked to reach a basic zero trust maturity level by the end of fiscal 2024.

A zero-trust approach assumes that no user or device is trustworthy until proven otherwise. That means no trust is granted for any transaction without first verifying that the user and the device are authorized to have access. Many zero trust solutions are cloud-only, which limits organizations’ options. Organizations looking for more flexibility should consider a solution that can be deployed either on-premises or in the cloud.

After the pandemic sent many employees home, the concept of work from anywhere was top of mind for many organizations transitioning their infrastructure to support this new model. Even before the pandemic there was a need for secure remote access, as people checked their work email from various locations, but security has become even more important now that people are distributed.

Cybercriminals are targeting the work-from-anywhere workforce, which, coupled with the increasingly sophisticated threat landscape, underscores exactly how important endpoint security is for organizations.

Instead of assuming that any user or device inside the network can be trusted, organizations need to move away from a “perimeter-based” approach to security that grants implicit trust based on location. Then organizations need to focus attention on endpoints. This requires solutions that provide visibility into devices and their state, strong protection measures, remote monitoring tools and threat remediation for endpoint devices of all kinds, according to csoonline.com.

The pandemic did a good job of showing the need for VPN technology to evolve in order to securely manage remote access to networks. Zero trust network access (ZTNA) offers a remote access solution that addresses concerns related to application access. 

In addition to moving to ZTNA for remote access, organizations need to use modern endpoint security with endpoint detection and response (EDR) capabilities. Current endpoint security solutions are far better than traditional first-generation endpoint protection platforms (EPP) that focused on threat intelligence-based prevention.

Now, modern endpoint security (with EDR) should have the ability to predict and prevent attacks, detect and defuse threats in real time, and respond, investigate, and hunt for new threats.

A behavior-based approach is now needed for pre-infection and post-infection protection as well as detection and response.

The addition of automation and artificial intelligence to modern endpoint security also helps with the ongoing assessment and classification of suspicious activity. If the solution determines that there’s a problem, it can initiate a response that can then be automated using a customizable playbook.

Making work from anywhere actually work securely requires setting up a variety of components. Setting up robust endpoint security and remote access can be complex and sometimes even impossible. A better option is to take a holistic approach to security with a platform that allows you to connect different security devices into a single, integrated security system that spans your distributed network. When you have users connecting from almost anywhere to resources that could be located almost anywhere else, having security connected into a single platform improves visibility.