Please join InteliSecure Senior Solution Architect Cosmo Romero for our upcoming live webinar.
The New World: Protecting Critical Data when Everyone is Remote
Wednesday, June 3, 2020
9:00 AM MDT | 4:00 PM BST
As organizations continue to adapt and adjust business operations to cope with the global COVID-19 pandemic, it has become clear that the changes we’ve put in place will have long-term effects. More than any time in history, organizations are asking, “Are my remote employees working from home impacting my security posture and if so, how?”
The short answer to that question is, “Yes, and more than you think.”
To address the urgent need for workforce security, start by breaking down the problem into segments: identify the most immediate issues; find the right tools to address those issues; and build out a more mature data protection program to address long-term security needs for remote workers.
What Impact Does a Remote Workforce Cause?
With more employees working remotely, protecting sensitive information by locking it within a trusted network is longer an option. The erasure of the traditional security perimeter has been confirmed for good. Today, people need to access, modify, and create sensitive information from untrusted networks—at the moment, from myriad individual home offices. The risks associated with this fragmented security scenario are similar to threats you’ve likely always faced. However, you now have a dramatically increased exposure to common attacks such as:
- Insider threats
- Malware, phishing, and hacking
- Targeted attacks directed at specific regulated data and intellectual property
- And more—
Fortunately, technology solutions are immediately available to help you put in place the processes and protections your organization needs to maintain security during this shift of the employee/workplace model.
Steps to Extend Remote Workforce Security
As a technology-agnostic managed data protection services provider, InteliSecure provides unbiased program and technology recommendations to our clients to ensure they have the best solutions and systems in place for their particular needs. Under the current circumstances, we have drawn many clients to the solutions offered by our technology partner, Forcepoint.
Assembling and implementing all the tools to secure your remote workforce is a big ask, even in the best of times. In a complex work model where employees are working remotely, organizations will need to rely on integrated workflows, policy consolidation, and consolidated reporting to properly protect themselves from the increased risk of a remote workforce. Forcepoint has created an integrated platform of security products that provide customers efficiencies and benefits that can’t be duplicated with point products or other vendors in the space.
To leverage the Forcepoint platform effectively, start with three steps:
- Identify your critical data assets
- Understand the systems where those assets live and how they are accessed
- Implement essential data protection technology solutions
Step 1: Identify critical assets
More than ever, organizations have to distinguish their critical data and information assets from benign, commodity data that flows through the organization every day. Information that is critical and require protection includes:
- Regulated Data—This is information protected by state, federal, or international mandates, including personally identifiable information (PII), protected health information (PHI), and Payment Card Industry (PCI) data.
- Sellable Intellectual Property—Information of a more complex and more business-specific nature—such as product designs, proprietary source code, and research and development documentation and data—is irreplaceable. It’s the source material for the products or services an organization uses generate revenue
- Strategic Intellectual Property—Service playbooks, customer pricing, customer contacts, wholesale costs, and merger and acquisition plans are all essential to enable the organization to remain competitive. Any leak of this information will seriously damage the organization.
Step 2: Rethink access to critical systems
Once you understand what data needs to be protected, take the time to thoroughly understand where that data resides.
Since employees are now accessing the critical systems holding compliance and intellectual property data remotely, organizations will need to rethink how they can enable those workers to do their jobs without compromising the systems. Security teams will be considering changes and adaptations to existing protections such as multi-factor authentication and role-based access control.
Subject matter experts, access logs, and a healthy ecosystem of feedback to the firewall team can help to iron out complexities of zoning and access control required to secure critical systems and the critical data those systems contain.
Step 3: Implement data protection technology solutions
To put in place the basic protections for remote workforce security, your team can leverage proven security technologies that address security at both a broad network level and at the individual user level.
Virtual Private Network
A Virtual Private Network (VPN) is the best solution for protecting the critical systems that need to remain on the trusted network and should be accessed only by individuals connected to the corporate network. Forcepoint’s Next Generation Firewall (NGFW) VPN Services allow remote users to access critical systems on the trusted network while providing:
- Zoning—Adding systems and users to designated security zones will help to protect critical systems within an organization.
- Intrusion Prevention—Hacking detection and prevention is essential for protecting sensitive data and systems.
- SD-WAN—Using Site-to-Site VPN and Dynamic Failover will ensure an organization’s WAN is running and secured.
- Other critical services necessary for perimeter security and remote access.
Endpoint Data Protection
On a laptop or desktop owned or controlled by the organization, Forcepoint endpoint security tools such as data loss prevention (DLP), Cloud Access Security Broker (CASB), and Web Security products provide substantial risk reduction for all corporate assets.
- Forcepoint DLP Endpoint ensures data leaves the endpoint via approved corporate channels only.
- Forcepoint CASB ensures data security policies are maintained when users interact with authorized cloud applications such as online storage or hosted services.
- Forcepoint Web Security Endpoint ensures users are not accessing sites that pose unnecessary risk to the organization, such as unsanctioned cloud applications, personal email, or sites where people can post sensitive information for non–work-related purposes.
Network Data Protection
For non-corporate devices, Forcepoint DLP can be integrated to provide DLP inspection over email for both on-premises or cloud-based email solutions. Data security policies can be enforced on a work device or a personal device for all outbound mail with a Forcepoint DLP Mail Transfer Agent (MTA) or Secure Email Gateway.
In conjunction with a single sign-on solution, cloud applications can redirect users to Forcepoint CASB before accessing any data or before performing any operations that may put data at risk. Forcepoint CASB will enforce data security policies on sanctioned cloud applications utilizing the CASB endpoint.
Anti–spear-phishing protections Forcepoint Email Security and Forcepoint Web Security can prevent users from exposing their credentials in a spear-phishing campaign.
Forcepoint CASB can enforce security controls on accounts employees use to access sanctioned cloud applications such as Microsoft One Drive, G-Suite, Box, Dropbox, and others. Forcepoint CASB can be configured to:
- Detect an account being used by more than one person
- Reveal attempts to crack an employee’s password
- Enforce password complexity
- Enforce account dormancy controls
- Enforce many more security controls governing employees’ cloud access security accounts
As remote employees embrace cloud applications as an easier way to do business remotely, Forcepoint CASB can provide account protections necessary to keep an organization’s data secure.
Forcepoint Web Security and Email Security can stop the download of malware with real-time virus protection using machine learning and other Zero-Day virus protection/detection strategies.
Malware is a particular concern because infected computers will be on same network as an organization’s laptop or desktop within an employee’s home network. Stopping any type of malware on a remote employee’s work computer or personal computer will reduce risk to the organization.
Users need to focus on work-related email, not the distraction of non–work-related spam. Organizations can assist users with Forcepoint Email Security and its anti-spam features. Moreover, Forcepoint’s Email Security solution allows users to check their own spam queues if and when they need to, easing the burden on email administrators or message security groups.
Users who aren’t used to working remotely may be distracted by working from their unfiltered home networks. Forcepoint Web Security will help prevent remote employees from accessing risky sites, including sites for hacking, peer-to-peer file sharing, or illegal purposes.
The solution also offers the ability to build time-bound rules, which relax restrictions for users outside of established working hours. For example, a company may not allow streaming services such as Netflix and YouTube during the work day but may allow those services after hours.
Risky Apps or Files
Organizations will incur unnecessary risk if remote employees are downloading hacking tools, copyrighted content, or other inappropriate content on organization-owned devices. These types of files can introduce malware into the environment as well as expose the organization to liability with respect to copyright violations.
How Intelisecure Consulting Services can help: Keeping Data Protection in Focus
Effective data protection begins with a direction for the program and a process for achieving measurable and time-bound goals. This direction is typically driven by a governance group and executed by working group members in support of the data security program.
However, when your team is under pressure to initiate and execute change quickly, the help of an experienced data security partner is invaluable. InteliSecure has over 17 years of experience helping organizations protect their most critical data assets. Our professional, highly trained analysts and strategists can work with your organization’s executives, governing members, and subject matter experts to identify critical data and systems and help create a program that achieves business objectives.
Our professional services teams will help you get started implementing the immediate protections you need using readily available tools such as those from Forcepoint. Once you have a basic security program in place, you can give attention to maturing the program and strengthening your security posture to ensure greater protection and resilience going forward.
Intelisecure has been ensuring data security success with Forcepoint products for almost a decade. With its years of Forcepoint expertise, InteliSecure will ensure security solutions are implemented, integrated, and configured to achieve the security outcomes you establish.
Connect with the Experts
We know that information security and data protection are complex enough even in the best of times. To get practical insights on how to address your new security realities, please join us for our upcoming webinar “The New World: Protecting Critical Data when Everyone is Remote,” Tuesday, June 3. You can register here.
If you would like to discuss Security Process, Data Security, Network Security, Cloud Security, Messaging Security, or Web Security in more detail, please contact the data protection experts at InteliSecure. We’re happy to help.