Even before 2020, you couldn’t turn around without hearing about network security. Then the pandemic hit and many of the safeguards organizations had in place got stretched to the limit. The nation’s workforce transitioned from one or multiple office locations to a multitude of remote locations, using a variety of devices from networks you don’t control.
It was the perfect storm for IT professionals. How do you build a long-term business resiliency strategy when you don’t know where to start and where to end?
Business resiliency in a new normal: Security must haves
In our previous blog on Redefining Business Resiliency in a New Normal, I discussed how business resiliency used to be about ensuring applications and data would always be available and secure. But, the events of 2020 didn’t impact our applications and data as much as they disrupted our workforce and our workplaces. That’s why, to thrive in this new normal, organizations will need to address how changes in those two dimensions of business will transform their approach to resilience.
In this blog—the second in a three-part series—I’ll discuss Four Security Must Haves to help IT teams secure their scattered workforce and workplaces.
One of the biggest concerns our clients have with a remote workforce is protecting their data from users in home networks. Studies have found that 80 percent of security breaches involve compromised passwords. That’s why one of the first things we recommend is Multi-Factor Authentication (MFA), which ensures users are who they say they are.
MFA protects your applications by using a second source of validation to verify user identity before granting access. These factors can include something you know (like a username and password) plus something you have (like a smartphone app) to approve authentication requests.
One of the solutions we recommend is Cisco Duo MFA. It’s designed for even the most complex environments, yet it’s fast and easy for users to set up. The solution continuously inspects each device at every access attempt and can enforce hygiene requirements, such as requiring an up-to-date browser or operating system. It can also identify which devices are managed by the company and which are not.
Duo is a market leader because it integrates with everything; has a lower cost of ownership than other solutions; and improves access, productivity and security—a rare trifecta.
Endpoint security solutions protect endpoints such as mobile devices, desktops and laptops. This is especially important if your team is using their own devices. Endpoints are a popular attack points because once the device is compromised, attackers gain access to the network and all of the data contained within it.
If your organization already has antivirus protection, you might think you’re covered. But, the reality is that this threat landscape is evolving at a breakneck pace. For example, legacy antivirus can be blind to malware in zip format and fail to catch advanced threats.
New endpoint security solutions take a cloud-based approach to quickly detect, analyze, block and contain attacks in progress. They instantly access the latest threat intelligence without requiring manual updates from security administrators. This allows for faster and more automated responses. They continuously monitor all files and applications that enter your network and have the ability to scale and integrate into your existing environment. There’s also less overhead because there is no infrastructure to maintain and the installation process is faster and simpler.
protection from malicious websites
For companies looking for another layer of security, we recommend Cisco Umbrella. In a nutshell, it protects your users from clicking into bad websites. Umbrella is a cloud security service built into the foundation of the internet. It’s the fastest and easiest way to protect all of your users enterprise-wide in minutes, and it reduces the number of infections and alerts you see from other security products by stopping threats at the earliest point. With no hardware to install and no software to manually update, ongoing management is simple.
By enforcing security at the DNS and IP layers, Umbrella blocks requests to malware, ransomware, phishing and botnets before a connection is even established—stopping threats over any port or protocol before they reach your network or endpoints. Umbrella provides coverage for all connected devices (including roaming laptops, Android and iOS devices) and it delivers great time-to-value.
remote workplace management
With a distributed workforce, it can feel impossible monitoring security across your entire network. One of the best tools we’ve found to manage and secure everything is Cisco’s Meraki cloud-based solution. It’s a simple tool that allows you to secure and manage your entire network under a single pane of glass.
Meraki consolidates all of your network components onto an intuitive dashboard so you can easily assess the health of your network in real-time—from access points and switches to security and wireless. This solution is perfect for organizations who have a slim IT staff because it allows them to centrally provision, monitor and secure all of their managed endpoints and personal devices, wherever they are. You can monitor application use, time of use and who the heaviest users are. Plus, it’s scalable. Clients can make modifications to their network, adding devices and sites in minutes.
Cost-Savings bundles available
Through our partnership with Cisco, we’re able to offer a special business resiliency bundle that includes Duo MFA and/or Umbrella with Webex Meetings/Messaging collaboration solution.
This is a great way for small-to-mid-sized organizations (with up to 250 users) to build up their security and collaboration efforts in the new normal.
To learn more or get started, contact a business resiliency expert today.