The remote work environment has been around for years. In fact, even before the pandemic, 56% of employees in the US had a job where some of what they do could be done remotely. However, no one could have predicted the sudden need to fast-track remote worker access to corporate systems.
Overnight, we’ve gone from environments where most of us were confined to an office building, to a brave new world where workers need remote access to corporate systems from all sorts of devices, on potentially unsecured home and Wi-Fi networks, and public clouds we don’t control. How do we know if our laptops have malware, or if the Wi-Fi we’re using has a backdoor waiting to be exploited?
Now, 76% of employees are working from home, and this kind of disruption to businesses around the world is likely to remain permanent, putting security professionals on notice to address additional challenges. The security team has to keep up with remote work-related IT demands and battle an increasingly difficult threat landscape. So the question for security teams becomes, “How can you empower employees to do their best work securely, regardless of where they are and what devices they are using?”
With 70% of breaches originating on endpoints, there is no question that endpoints are a top target of attacks. In light of the recent pandemic, bad actors are seizing the moment by intensifying pandemic-themed malware and phishing campaigns.
Malware targeting endpoints, such as LokiBot, FormBook and NanoCore, is on the rise, and fraudulent websites flourish, such as the fake Johns Hopkins Infection Map, which compromises the endpoint with the Azorult malware. Organizations involved in pandemic-related work are targeted by attackers preying on remote users who may have let their guard down; clicking on pandemic-related links or attachments unknowingly opens up a backdoor for malware attacks.
The combination of the proliferation of these threats, the flood of new and unrestricted devices now accessing company data remotely, and the increased use of cloud-based collaboration platforms and unsanctioned apps creates a trifecta of strain on endpoint security teams trying to keep remote workers productive and secure.
Protecting all devices your employees use to remotely access company resources is critical. When users and devices are off-network, antivirus and other preventative measures alone are no match for advanced threats. You need to see an attack coming, not wait to respond to it after it reaches your endpoints. This is not an easy task if you’re stuck in the vortex of endless endpoint security operational challenges. More than ever, streamlining your endpoint operations with a built-in platform approach is becoming more beneficial. Can you imagine having unified visibility, automation, and better security across your multi-domain control points, allowing you to maximize operational efficiency around remote work security? Here’s what I mean.
Stop threats before they compromise your remote workers’ devices. One way to keep advanced threats from infecting your endpoints is to use multifaceted prevention techniques that combine behavioral analytics, machine learning and signatures. This is especially important for remote users who use SaaS apps, including online collaboration tools like Webex, Slack, Zoom and Microsoft Teams. Operating system processes and software vulnerabilities, like the one found in Zoom for example, can be exploited by malware to compromise the endpoint. With Cisco’s exploit prevention engine, you can protect the devices being used to access these apps from zero-day attacks that use memory injection on unpatched software vulnerabilities, fileless remote code execution and other malware attacks. You can quickly uncover and stop ransomware before it can cause damage. And you can employ machine learning to analyze behavior like command-and-control and data exfiltration activities before it’s too late.
Detect and respond to threats fast, completely. Having unified visibility and control of all devices used for remote work allows you to see every threat to your endpoints — where it came from, where it’s been and what it’s doing. One way to improve efficiency in this area of security operations is to have a coordinated defense orchestrated by a built-in platform. One that allows you to run automated playbooks for critical tasks like performing live queries on all endpoints, proactively hunting for threats and automatically blocking known threats by isolating compromised endpoints – speeding time to detection and response to help you quickly reduce the attack surface.
Cisco’s Endpoint Security solution defends your remote workforce by blocking attacks at the endpoint before compromise, while helping you respond to threats quickly and completely. It is the industry’s first solution with a built-in platform, called SecureX, that delivers stronger protection with simplified orchestration and automation. Endpoint events are uniquely enriched with actionable insights generated from both Cisco and third-party solutions to accelerate threat response with remarkable accuracy. Reducing the time to respond and remediate an attack by as much as 85%, this powerful solution delivers next-gen AV, advanced EDR, simplified and managed threat hunting, IT/posture hygiene, and cross-control detection and response (XDR) to protect the endpoint and beyond for a more coordinated defense.
As an integral part of the Cisco Secure Remote Worker solution, we help accelerate business success with security that works together by combining the power of Cisco:
Get started for free today to learn how to stop threats before compromise, remediate faster and completely, and maximize operational efficiency with the industry’s first endpoint security solution with a built-in platform for the security needs of remote workers.
The post Securing Remote Work: Protecting Endpoints the Right Way appeared first on Cisco Blogs.