Best cyber security practices when ‘working from anywhere’

Written by: SystemLabs Posted: 07/01/2022

BL75_SystemLabs_AlexBlackwellWith ransomware on the rise, Alex Blackwell, Head of Business Development at SystemLabs, looks at best practices to ensure that IT is protected in a hybrid work set-up

The world has been working remotely for a long time now, so are most people pretty much up to speed with how to protect themselves from threats?

Well, you would like to think so but, unfortunately, we’re still seeing people who haven’t got an adequate set-up in place. According to a recent Digital Readiness Survey by ManageEngine, 37% of respondents said their remote working devices had no restrictions in place. We were shocked to see that number, but also not surprised. 
 
Why do you think so many businesses are allowing people to work on machines that have no protection?

For some businesses, it’s a sense of feeling that perhaps they aren’t prevalent enough to be targeted by an attack. For others, it’s not being 100% certain what needs to be done, while for others it involves issues with scalability or a reliance on in-office networks.
 
So this really isn’t something that people can ignore?

No. Anyone who is working with customers will more than likely be accessing or storing their private data, such as contact details and in many cases financial details, on their device, meaning they should have the necessary solutions in place to protect them. 

The only way to really ensure that data is protected is to install agent-based solutions on the endpoint. This means that the security solutions are set up at a machine level, so that no matter where someone is working, they know they have adequate protection installed. 

Shifting to cloud-based storage also means that instead of keeping data on individual machines, it’s in an environment that’s encrypted and therefore more secure against attacks.
 
So these solutions really do mean people can worry less and focus more on work?

Yes, the solutions we provide are incredibly beneficial for the user as they create a secure environment to work remotely – but they also benefit businesses too.

Setting up remote network security obviously involves firewalls but also allows administrators a deep dive view when it comes to VPN monitoring.

At the same time, the ManageEngine solutions we work with allow businesses to monitor remote worker productivity so it not only provides security but also reassurance for everyone.
 
It must be reassuring for businesses to know that they can monitor activity and threats, which in turn means being able to prevent attacks from the outside? 

Of course, businesses absolutely need to ensure their machines, and therefore company information, including customer data, are secure.

However, the threat isn’t limited to outsider attacks. There are plenty of ‘insider’ threats to consider.

When you say “insider threats”, what do you mean? 

Well, Forrester research revealed that 25% of attacks on company networks were due to insider threats. With more people working from home or remotely, there is an increased risk of insider attacks purely due to the freedom of being in an environment where there is no physical monitoring of people’s activity. 

Unfortunately, even if members of your workforce who are targeting the company data don’t have privileged access, they may know what information they are looking for, where it’s stored on the network, and a way to gain access to it. 
 
How can businesses deal with that? 

Setting up zero-trust network access is a good start. This kind of technology runs user and entity behaviour analytics (UEBA) software and this monitors systems and user behaviour in real time to look for indicators of insider threats. 

If a potential threat or pattern of suspicious behaviour is identified, that person is given a high-risk score and when that crosses a threshold, they will be put on a watch list and monitored. 
 
This is clearly some intelligent technology at work?

Yes, we’re very lucky to work with ManageEngine, which has developed and continues to develop these solutions, along with other security policy options such as security for workers’ own devices, privilege management and app validation. We’re more than happy to chat through these and other available options. 

FURTHER INFORMATION

If you would like to discuss ManageEngine solutions, contact SystemLabs at info@systemlabs.io

This advertising feature was first published in the November 2021 - January 2022 Technology Edition of Businesslife magazine


Add a Comment

  • *
  • *
  • *
  • *
  • Submit

It's easy to stay current with blglobal.co.uk.

Just sign up for our email updates!

Yes please! No thanks!