
Security on the move: protecting your mobile workforce

Opinion
Aug 17, 2017 | 5 mins
Data and Information Security, Mobile, Mobile Security

Organizations have never faced as daunting a task as securing their critical assets while users bring uncontrolled and hard-to-monitor mobile devices into their enterprise networks. But it’s not hopeless. Getting back to some basic management functions can better secure your networks, while allowing BYOD policies for your users.


Organizations with mobile workforces face serious challenges when it comes to their overall cybersecurity posture. As more users leverage laptops, tablets, smartphones and other portable devices, security risks begin to increase in three areas which can be simply categorized as:

  • What users bring in to the environment
  • What users take out of the environment
  • An overall increase in scope of what can be attacked

Looking at the risk of “what users bring in to the environment”, companies must deal with devices being attached to their corporate networks which have also connected to a user’s home network, public Wi-Fi hotspots and any number of other unsecured networks. These systems are likely not as well protected as those governed by enterprise-class endpoint security tools, and thus, run a much larger risk of being infected with malware, viruses, ransomware, worms and other malicious programs used by attackers. When a user’s compromised device is connected to a corporate network, it introduces the potential for these malicious tools to launch more attacks against the other devices on the network, or serve as a point of entry for a cybercriminal to the network, bypassing all perimeter defenses. There are many strategies that can be employed to defend against this sort of problem, including, but not limited to:

  • Set strong policies which require that devices connected to the corporate network have endpoint protection software which is up to date and that systems are fully patched
  • Create wireless networks for users’ non-work systems, which they can use for Internet access and other functions without being connected directly to the internal corporate network
  • Develop Internet-facing services for email, messaging and other basic corporate functions which users can access remotely without need of internal access
  • Assign users corporate-owned mobile devices, which have the same endpoint protection software, access controls and other corporate governance as any other device on the internal network, instead of allowing personally-owned devices

As for “what users take out of the environment”, keeping classified or critical proprietary data safe is a primary need of any organization, regardless of its vertical. Intellectual property theft is a very real problem for almost any organization, even in areas where it may not seem as obvious. Take universities and other organizations in academia, where research papers and doctoral theses can generate millions of dollars in revenue from grants, government investment or corporate efforts to license the findings for commercial purposes. Users who have access to this kind of critical data could easily copy it to unsecured mobile devices and transport it out of the protected network, compromising the data and potentially costing the organization large amounts of revenue. To protect against this kind of data loss and theft, organizations must have strong access controls around who can access information stored across their network and adopt least-privilege policies to ensure that only the users who must have access, do. For complex access requirements, consider implementing Data Loss Prevention (DLP) solutions, which can provide a wide array of logging, tracking, access control and other data access functions that can prevent a user, whether authorized or not, from exfiltrating critical information out of the environment.

Finally, when organizations begin to expand their workforces outside the confines of a well-controlled network housed in physical office locations, the more common, outdated types of defense strategies start to become difficult to implement and manage. The notion of a traditional Internet perimeter where a firewall can block out unwanted external traffic simply disintegrates when put into practice in today’s cloud-based and hybrid environments, and network admins now must wrestle with huge numbers of mobile devices all over the globe which are accessing corporate resources and are being connected to public and unsecured networks. This means that the potential number of devices which hackers can attack goes up dramatically, and the ways in which they can be protected start to shrink.

It’s imperative that organizations find security solutions that will scale up alongside not only the sheer volume of additional devices being used, but the scope of where and when these devices are used to perform work. Leveraging cloud-based technologies to store data centrally can be one option, provided that sufficient technological controls and legal protections are in place. Additionally, more and more security vendors are providing strong cloud-based solutions which can scale up quickly and easily to identify and protect your devices wherever they are in the world and provide centralized management functionality to your internal IT staff responsible for controlling these assets.

While there are a number of challenges for all organizations as they move to and utilize a more nimble and mobile workforce, with proper planning, strong controls and scalable cloud-based security technologies, they can reduce their overall risk of loss while dramatically increasing the security posture of the environment as a whole.

Contributor

Nathan Wenzler is the Chief Security Strategist at AsTech, a leading information security consulting firm. Wenzler has nearly two decades of experience designing, implementing and managing both technical and non-technical solutions for IT and information security organizations. He has helped government agencies and Fortune 1000 companies build new information security programs from scratch, as well as improve and broaden existing programs with a focus on process, workflow, risk management, and the personnel side of a successful security effort.

As the Chief Security Strategist for AsTech, Wenzler brings his expertise on security program development and implementation in both the public and private sector to administrators, auditors, managers, C-Suite executives and security professionals across a wide variety of organizations and companies around the globe.

Wenzler is a whiskey/scotch connoisseur and revels in collecting rare spirits and experimenting as a mixologist.

The opinions expressed in this blog are those of Nathan Wenzler and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.