Breaking News

Maintaining Business Continuity Amid Changing Workplace Operations

To address today’s concerns around public health and human safety, businesses across the globe are in the process of transitioning to a remote workforce. However, the sudden, widespread use of teleworker solutions has highlighted several challenges for businesses from both an operational and security standpoint. Addressing these challenges requires a business continuity strategy that can guide and secure an organization through times of uncertainty.
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today recommends the 4 steps for CSOs and business leaders to help keep the business moving during times of unprecedented change.
1. Conduct a Security Risk Assessment
Because many employees are unable to take their work desktops with them into their home office, they need to leverage web portals and virtual private networks (VPNs) to get their job done. With this shift in access comes several new security risks, including BYOD issues for users without a corporate laptop, a lack of infrastructural support, and interoperability challenges given the variety of technologies being used to connect back to the network. For this reason, it is important that organizations reassess security risks from a more comprehensive point of view.
Business continuity and disaster recovery plans are critical, as is a comprehensive security policy that covers things like remote access protocols and managing user-owned devices on the network. It is also imperative that IT teams are able to ensure that all devices connecting back to the network meet network security standards before they are allowed to connect. Additionally, organizations must confirm they are keeping pace with patch management and maintaining a comprehensive security posture through the use of controls and automation.
2. Set Up and Securing a Remote Workforce
First and foremost, organizations need to make certain that access control policies ensure that all business-critical users and devices have access to the resources they need to perform their jobs. From there, businesses must also validate that these users and devices are secure. There are a number of security aspects that will only be magnified due to the sudden influx of devices connecting remotely to the network. There are two major issues to focus on to best support a telecommuting workforce:
2.1. Training
Many of today’s teleworkers will be novices. For business administrators and employees who typically conduct daily business affairs in-office, the security requirements of telecommuting are something very new. For this reason, organizations must devise a plan for delivering online training to those users who need to learn how to access systems remotely and securely.
Remote work tools, such as conferencing platforms, generally put access to your internal network into the hands of users and devices that may not stand up to your security standards. Training these users to recognize red flags will be essential to protecting your more widely distributed network.
2.2. Email
Over the past several weeks, FortiGuard Labs has been observing a significant increase in both legitimate and malicious activity surrounding the Coronavirus. We’ve seen benign emails containing documents with guidance from HR departments, even from World Health Organization (WHO) posted at Beware of criminals pretending to be WHO. Another campaign that leverages the trusted FedEx trademark as a decoy to gain the trust of recipient so they will open an included PDF attachment then exfiltrates data to the malicious URI.
It is essential, therefore, to have the right security controls and training modules in place to protect your business, your employees, and your customers from compromise. To do this, organizations must have appropriate plans in place to protect their customers and employees from themselves from clickbait.
3. Test Existing Security Controls and Automation
As day-to-day business operations change and the new remote workforce gets settled in, any longstanding gaps in cybersecurity resources or any networking limitations will become exacerbated. Organizations may be further constrained by the number of security workers available to manage ongoing issues, and be forced to rely on technology and automation to take care of low-hanging fruit.
This shift to telecommuting practices will additionally force organizations to enhance their cloud or e-commerce presence, introducing additional challenges of performance and scalability. Leaders must account for the kinds of security controls in place in their previous network and understand how those same controls are going to operate in this new working environment.
However, many businesses may not have had the controls in place to support a remote workforce. For these organizations, controls will have to be built from scratch. This could take some work, as they will need to build controls from the ground up without much of an idea of what their security baseline previously was or how security events could affect them in the future. It will be critical that these businesses focus on implementing controls supported by automation to augment limited resources and maintain a strong security posture.
4. Maintain Compliance
Regulations such as GDPR and CCPA are going to strain the ability of enterprises and service providers in this new environment to maintain required levels of privacy. According to Fortinet’s Jonathan Nguyen-Duy Vice President, Global Field CISO Team at Fortinet, “The challenge is going to be, how do you enforce and maintain compliance at a global level to such a degree of granularity, when you have so much fluidity in the way that people are accessing and authenticating themselves across your network environment.”
The work-from-home may set a precedent for “new normal” practice. It could be a shift in leaders’ openness and willingness to keep these new approaches to networking and business operations in place once the current crisis has passed.
Chanvith Iddhivadhana, Fortinet Thailand Country Manager opinioned, “At this moment, many new questions and challenges will arise concerning security. Though we may not have all of the answers now, it is nonetheless critical that businesses do their part in securing customer data, employee operations, and business continuity as best as possible. Business leaders can establish best practices and get the support they need to protect their organizations during these times of rapidly evolving workplace operations by leveraging security tools and resources through Fortinet. The recommendations are, but not limited to:
• Endpoint Protection: The FortiEDR (endpoint detection and response) solution, providing both pre-infection and post-infection defenses, can help protect the end-user devices and your network clear of malicious malware. It does this by providing advanced antivirus functionality tied to the kernel on the front end, combined with the ability to detect and stop advanced attacks in real-time, even if the endpoint has been compromised, by detecting, defusing, and remediating live incidents – enabling your workers to stay on task.
• Access Control: The remote workers in the house normally use the same computer and network for their job and children use for e-learning, gaming, entertainment, etc. So, in addition to hardening the endpoint device itself, the company must have security controls in place at the head-end to identify, control, and monitor all devices seeking network access. The FortiNAC network access control (NAC) solution enables automated onboarding for large numbers of endpoints, users, and guests. It automatically discovers, identifies abnormal behavior and reacts in speedy time to events from days to seconds.
• Cloud Access: The company can enable users to connect directly to their SaaS applications and use FortiClient to provide a simple feature that allows split tunneling. So remote workers have a secure connection to the network to access resources like email or databases, and a direct link to the internet and cloud. However, organizations still need to provide visibility, compliance, data security, and threat protection for cloud-based services. FortiCASB (cloud access security broker) solutions provide policy-based insights into users, behaviors, and data stored in major SaaS applications, combined with a comprehensive set of reporting tools.
The above Fortinet solutions are be seamlessly integrated into the Fortinet Security Fabric for consolidated management, orchestration, and reporting to reduce the overhead associated with deployment, configuration, and troubleshooting. Advanced security, simplified deployment, and single pane of glass management provided by integrated Fortinet solutions ensure that your remote workers and extended network can remain secure, users can remain productive, and your business can continue to thrive even during the current global challenge.
Learn more about how to maintain business continuity through broad, integrated, and automated Fortinet Teleworker Solutions.

Work-at-home-0.jpg Fortinet-Biz-Continuity-1.jpg


About ข่าวไอที 24 ชั่วโมง

ข่าวไอที 24 ชั่วโมง ข่าวไอที ข่าว IT ข่าวเทคโนโลยี สินค้าไอทีมาใหม่ รีวิวสินค้าไอที

Check Also

Parents in APAC hide their private data from their kids more than cybercriminals, Kaspersky reports

Online users ar …

%d bloggers like this: