Gartner Blog Network


Temporary Policy Changes for Remote Working

by Pete Shoard  |  March 30, 2020  |  Submit a Comment

Many of us are moving quickly to implement/extend remote working technologies in response to the current situation. At a time when all this is a necessity, not a choice; even those who had good remote working policies are now having difficulties. But, how can we address some of these difficulties simply and easily? A couple of weeks back I posted on ‘Is My Remote Workforce Visible to Our Security Operations?‘. This post addressed being able to see when bad is coming, but the question now is what temporary security policies would reduce our threat exposure?

Sometimes the simple things can be the most effective.

Consider changing some of your IT and user policies to make things harder for attackers to collect intelligence that will be useful later. Implementing new policies around credentials, access to technology over insecure means, restricting remote workers to essential services only. However, it is important to strike a balance, we all know that if a user can get around a security control, they will. Set policies that are understood to be temporary, explain your rationale and keep users up to date. In other words, new controls should be inconvenient at worst, not counterproductive or inhibitive.

Some examples of easy to implement changes:

  • Shorten your password expiry policy to reduce the risk of compromised credentials becoming a problem.
  • Get as many users on Multi-Factor Authentication as possible and remove auto-authentication policies.
  • Provide Password management software to all users, to encourage good behavior.
  • Implement VDI instead of RDP where possible.
  • Create a VLAN/DMZ with limited access to the wider network for BYOD devices or devices that haven’t previously connected remotely.
Password management software supports Remote Working

Password Vaults Encourage Good Behavior

Trust your users, you have no choice.

One of the themes of the campaign for isolation has been “We’re all in this together”. Of course, ‘High School  Musical’ immediately comes to mind, but that’s not the intention. Lean on the comradery and the responsibility your employees feel. Promote policies to keep the business safe and get it back to normal running as quickly as possible. Think about your clean-up process for sensitive documents when remote working stops/slows down.

  • User policies that ask users to delete local copies of unnecessary files.
  • Online-only document editing where possible.

Supporting remote working for the whole of your workforce, equally.

Think about how these changes will affect the infrastructure and how they might affect your service suppliers. This week, some colleagues released a research note helping organizations locally think about this. Solving the Challenges of Modern Remote Access. It provides a decision tree, for identifying and solving the challenges of scaling large-scale modern remote access. There are some key things we must consider:

  • Will your ISP cope with the extra bandwidth to your key sites?
  • Can you introduce bandwidth throttling to give everyone a fair chance to access the services they need?
  • Could you use your DR site infrastructure to support demand?
  • Would you allow access to some services (securely) over the internet without remote access (web portals etc…)?

In conclusion, think simple, think short term and think about how to revert once all this is over.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: 

Tags: credentials  remote-working  security-policies  vpn  

Pete Shoard
Sr Director Analyst I
3 years at Gartner
17 years IT Industry

Pete Shoard is part of the Security Operations team. Covering analysis of and selection criteria for threat detection and response Managed Security Services (MSS) such as Managed Detection and Response (MDR) and Vulnerability Management (VM) services. Also security detection and response technologies such as Security Information and Event Management (SIEM), User Entity Behavioral Analytics (UEBA) and Deception. Supporting Gartner's ITL research in wider areas such as Security Operation Centre (SOC) best practice and security metrics and measurement.Read Full Bio




Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.