Are Your Assets Protected as Work from Home Employees Surge?
07
May 2020
By: Orhan Yildirim
Studies and real time tracking of incidents show that breaches will continue to skyrocket during this Work From Home (WFH) period, but in many cases, IT teams may not be aware of the adversaries for a year or more.
If you do not want to be a victim of a breach, you must adapt your security posture to a new norm.
While it was urgent to rapidly set up VPNs and other means to access critical business resources, there is no time like now to reflect on the significant risks associated with granting privileges to many more employees than usual, and enabling them to access resources over the Public Internet. With so many critical systems and valuable assets being made accessible from virtually anywhere, IT and OT teams, and the leadership and boards of companies are rightfully concerned.
According to Kate Lister, who has been analyzing remote work trends for more than a decade, this scenario, with employees forced to work from home, is a turning point for businesses in the U.S., where the evolution of telecommuting has been slower than in other countries and regions.
Even with natural benefits (reduced real estate costs, more workforce flexibility, and more productivity in cases her firm, Global Workplace Analytics has studied, only 7% of U.S. firms offer telecommuting and just 3.6% of American workers (5 million employees) spend at least half their labor hours at home. Based on data published by the U.S. government, the growth of remote work in the U.S. has been growing steadily (around 10% growth each year), but the COVID-19 pandemic has added tens of millions, even hundreds of millions of workers to work from home offices.
Even the next generation of workers – and the generation after that, are learning to learn from home as schools have been closed, which means a growing number of people are getting comfortable with the idea of virtual meeting and working.
Wayne Kurtzman, research director for social, community and collaboration at research firm IDC, said global demand for collaboration tools will increase exponentially as a result of the outbreak given this new comfort level, which Kurtzman says will make longer term and even permanent adoption seamless.
Within days of the rush to remote working in early March, attacks on systems began, including through privileged credentials. Adversaries continue to take advantage of many vulnerabilities, as the attack surface expands dramatically. Most well known were the early “Zoombombings” where strangers sat in on private business conversations and conference calls (which Zoom immediately began to address).
Super user (privileged) credentials are the prime target of attackers and used in 80% of breaches, and it can be surprisingly easy, fast and affordable to secure those, by implementing solutions that make system credentials invisible to employees.
Ironsphere’s solution, which works with any network and application type, records every session in real time and provides automatic alerts and notifications immediately, when our intelligent software senses a threat.
By adding Privileged Access Management to the IT team’s toolkit, enterprises and organizations can set up, monitor and manage credentials across multiple cloud-based applications, ERP systems, databases and collaboration solutions, not only securing remote access, but automating the process for the ultimate enhancement in productivity and efficiency.
Ironsphere’s leading PAM solution makes it easy to set up, scale and afford comprehensive implementations, that dramatically reduce risk and help ensure even better business practices, as we move into the new normal, with all the benefits of supporting distributed workforces without potentially disastrous breaches.
We’d be honored to help you protect what you connect – simply contact us at info@ironsphere.com.
Similar Blogs
More Than Zero Trust: Zero Touch Privileged Access Management Solutions Save Time, Reduce Risk
We have all found ourselves in a different world of work given the events that have defined 2020, and few professionals are feeling the pressure more than IT and OT teams.
Enterprise Risk Appetite Frameworks Should Include PAM
Just as cyber risks evolve, the evolution of risk appetite frameworks is more active than ever. With more sophisticated adversaries, more digital transformation initiatives, more mobile works, ecosystem partnerships and connectivity to multiple clouds and services, enlightened management teams and their boards are updating their levels of “risk tolerance.”
The Future of Multifactor Identification in Privileged Access Management
Two-factor authentication has been around for decades – requiring an additional step between entering a username and password, for example, then entering a one-time security code sent to a mobile device – to access applications, systems and data.