Temporary Policy Changes for Remote Working

By Pete Shoard | March 30, 2020

Many of us are moving quickly to implement or extend remote working technologies in response to the current situation. At a time when all this is a necessity, not a choice, even those who had good remote working policies are now having difficulties. But how can we address some of these difficulties simply and easily? A couple of weeks back I posted on ‘Is My Remote Workforce Visible to Our Security Operations?’. That post addressed being able to see when bad is coming, but the question now is: what temporary security policies would reduce our threat exposure?

Sometimes the simple things can be the most effective.

Consider changing some of your IT and user policies to make it harder for attackers to collect intelligence that will be useful later. This can mean implementing new policies around credentials and around access to technology over insecure means, and restricting remote workers to essential services only. However, it is important to strike a balance: we all know that if a user can get around a security control, they will. Set policies that are understood to be temporary, explain your rationale and keep users up to date. In other words, new controls should be inconvenient at worst, not counterproductive or inhibitive.

Some examples of easy-to-implement changes:

  • Shorten your password expiry policy to reduce the risk of compromised credentials becoming a problem.
  • Get as many users on Multi-Factor Authentication as possible and remove auto-authentication policies.
  • Provide password management software to all users, to encourage good behavior.
  • Implement VDI instead of RDP where possible.
  • Create a VLAN/DMZ with limited access to the wider network for BYOD devices or devices that haven’t previously connected remotely.

[Image: Password Vaults Encourage Good Behavior]

Trust your users, you have no choice.

One of the themes of the campaign for isolation has been “We’re all in this together”. Of course, ‘High School Musical’ immediately comes to mind, but that’s not the intention. Lean on the camaraderie and the responsibility your employees feel. Promote policies to keep the business safe and get it back to normal running as quickly as possible. Think about your clean-up process for sensitive documents when remote working stops or slows down.

  • User policies that ask users to delete local copies of unnecessary files.
  • Online-only document editing where possible.

Supporting remote working for the whole of your workforce, equally.

Think about how these changes will affect the infrastructure and how they might affect your service suppliers. This week, some colleagues released a research note, ‘Solving the Challenges of Modern Remote Access’, helping organizations locally think about this. It provides a decision tree for identifying and solving the challenges of scaling large-scale modern remote access. There are some key things we must consider:

  • Will your ISP cope with the extra bandwidth to your key sites?
  • Can you introduce bandwidth throttling to give everyone a fair chance to access the services they need?
  • Could you use your DR site infrastructure to support demand?
  • Would you allow access to some services (securely) over the internet without remote access (web portals, etc.)?

In conclusion, think simple, think short term and think about how to revert once all this is over.

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.