COVID-19: Securing Work From Home Home Insights Blog COVID-19: Securing Work From Home March 26, 2020 COVID-19: Securing Work From Home Organizations are rushing to enable remote access for their staff as many cities, counties and states move towards a shelter-in-place mandate. Companies and workers that are in a field where working from home is a possibility should feel fortunate to have the opportunity to do so. Optiv described three strategies for organizations that are enabling work from home: expand existing access, create alternate access methods and infrastructure redesign. Most organizations are likely performing some parts of each strategy to cope with the rapid expansion of remote workers. It is important for CISOs to consider the security ramifications on a larger scale and not lose sight of their roadmap for enabling security within the organization. The factors influencing the decision-making process at this stage should be congruent with the organization's mid- and long-term objectives. In effect, by moving from a state of indecision on how to secure an expanded remote work force to executing on the existing roadmap, the choices become simpler and more familiar. While each of the organizations Optiv engages with are at differing levels of security program maturity there are common themes in the program objectives. The good news is that the natural evolution of security enablement dovetails with providing expanded, easier to access services for employees and customers. Some of these common objectives are: With the realization that the security organization’s objectives are still in place, valid and beneficial to the current state, executing on those objectives’ bonds existing cybersecurity principles to those projects and ultimately to the remote workforce. Security awareness training – Regardless of the degree of cybersecurity controls that are put into place humans still sometimes make bad decisions. Cybercriminals are using the daily media frenzy to their advantage. Continue to provide employees with routine cybersecurity training, reminders and tips. Additional considerations: Provide readily accessible documentation on how to obtain remote access Publish a list of approved collaboration tools for chat and online meetings Supply guidance on what applications the organization will be permitting remote access to and the timeline Endpoint security – Review mobile asset inventories and ensure that endpoint security agents are fully deployed and updated in order to combat the increased risk of malware. Additional considerations: Validate and publish the steps for remote endpoint security agent enrollment Implement host validation checks to ensure a minimum standard is met before allowing access to sensitive information Determine the level of access that will be permitted for BYOD Identity and access management – Regardless of the methods that are being implemented to expand remote access proper management of user identities will be the linchpin to a successful secure rollout. The table stakes are ensuring your directory services are accurate and accessible to remote applications. Additional considerations: Leverage single-sign on (SSO) dashboard for application distribution Utilize multifactor authentication wherever possible Enhance and expand monitoring and reporting on access to sensitive information SecOps – The change in system access methods will shift service loads and expose new capacity constraints. Ensure SecOps management is included in business line decision planning on remote workforce enablement. The operations team will have to stay abreast of dynamic changes in traffic flows, peak operating times and new sources of telemetry to incorporate into monitoring tools. Additional considerations: Determine the feasibility of including the SecOps team as designated employees to work from home Coach the team on how the shift to work from home will affect operating parameters and behavioral monitoring systems Ready a tiger team to implement new telemetry acquisition and monitoring for net-new applications and access methods Download our technical WFH checklist for more actionable steps you can take to secure your organization wherever it may be in its cybersecurity journey. By: Optiv Share: SecOps COVID-19 Remote Work How Can We Help? Let us know what you need, and we will have an Optiv professional contact you shortly.