The COVID-19 pandemic has led to radical changes in the network operating models of the public and corporate sectors. In the blink of an eye, physical companies, government agencies and educational institutions have switched to remote working and distance learning models.
As a result of this sudden and overwhelming shift to virtual collaboration and communication, there have been some glitches, exposing many technical challenges and policy gaps.
Cyber security breaches - which came in many forms - became a major problem for IT departments as they struggled to support staff who were no longer centralized, but remote.
In addition, cybercriminals quickly exploit vulnerabilities that have arisen when employees connect via insecure home networks and devices.
Hackers rushed to find the weak spots, knowing that in some cases they only needed to find a single misconfigured external device to gain access to organizational information. Phishing campaigns - many related to COVID-19 - have emerged as a real threat to operational continuity and precious corporate data.
For companies, the question now is: how are network management and security converging to meet this new challenge?
IT and the security team must work together
Today's new pattern of remote working - however temporary it may be for some organizations - highlights the important convergence of network management and security. The two disciplines are coming together to support a remote working environment that is both secure and productive.
As such, network visibility is vital. IT must be able to monitor and have a view of what is happening on the newly-virtualized network. IT can establish a variety of security controls to better protect company resources, including intelligent password management, multi-factor authentication and consistent configuration of home routers and modem firewalls.
A VPN is a practical way of protecting company resources, as users log into a VPN whenever they are working remotely. However, most organizations usually only provide VPN access to a small percentage of employees.
Today, however, VPN access is becoming a requirement, which means that the IT team must deal with managing a sudden increase in traffic. And it must fight potential vulnerabilities that originate from workers who choose not to use the VPN to transmit their data.
We need to go beyond the use of VPNs
It is therefore important that the network management and security teams are on the same page, working collaboratively to support a consistently available, reliable and secure environment.
Adding services such as backup VPNs, as well as data loss prevention and endpoint protection technologies, helps. In addition, IT managers must also understand how security is incorporated into cloud applications.
In environments where remote working is the new operating structure, network visibility is not just a challenge, it's absolutely vital. Adopting a zero-trust model has never been more important.
Keep data and employees safe in times of remote work
The new reality means that companies now have many people working from home full-time - people who are not technical and who are not used to being responsible for their own technology and security. And as previously stated, attackers are increasingly targeting the weak points in home network environments and exploiting the chaos and complexity of users working from home.
There are three main concerns with home networks and personal cybersecurity in a work-from-home scenario:
- The computer being used;
- The network they are connecting to; and
- Security awareness and user knowledge.
In fact, many remote employees are doing their work on personal PCs. SaaS applications tend to be generally secure and any connection to internal resources should be encrypted over a VPN connection, but the device itself still poses some risk.
It is possible that the device is already compromised. For example, if other family members use the computer or rely on other devices on a shared home network, the PC is at greater risk of malware infection.
To ensure that data and employees are safe in times of remote working, companies should start with clear expectations and communication. Remind remote employees of company security policies and basic cybersecurity best practices, and make sure they are informed about potential or emerging threats so they know what to look out for.
Ensure that operating systems and applications are fully patched and updated, even on personal computers, and require a VPN connection for access to any internal resources or data.
It's also more important than ever to be vigilant when monitoring the use of user credentials and access to company assets and data. Make sure you have the tools and expertise to identify anomalous or suspicious behavior quickly and take action to stop any malicious activity.
Conversys can help your company reduce the risks and impact of this global crisis. Contact our experts now to learn more about Aruba Networks' security, network management and connectivity solutions. We're here to help you meet this challenge.
About Conversys
Conversys IT Solutions is a provider of Information Technology and Communication services and solutions acting all over Brazil.
With a highly qualified technical and commercial team and a partner network that includes the main global technology manufacturers, Conversys IT Solutions is able to deliver customized solutions for IT Infrastructure and Telecom to its clients.
We invest in our employees and partners and strive for a long-lasting relationship with our clients, because we believe that this way we gain the skills and knowledge necessary to innovate and generate value to the businesses in which we operate.
