Stay in the know. Subscribe to Currents
CurrentTechnology

Endpoint Security: Protecting Distributed Workforces

3 Mins read

Businesses that have embraced a distributed workforce model benefit from many advantages. Empowering employees to work remotely boosts productivity, reduces turnover rates, and saves on overhead expenses.

However, facilitating a distributed workforce also means facing challenges not inherent in traditional work models. Cybersecurity is one of the most notable of those new challenges and one that poses considerable risks.

A recent report reveals that at least 20% of businesses have suffered data breaches caused by vulnerabilities introduced by remote work. Studies show that those breaches are more costly—$1 million more costly on average—and take nearly two months longer to identify and contain than breaches that occur with on-site workers.

Understanding the obstacles of endpoint security

The distributed workforce model creates infinite endpoints for a business’s digital infrastructure. Employees can connect from home offices and mobile offices using desktops, laptops, tablets, and phones and may use home or public networks to make those connections.

In this new digital environment, security professionals have far less visibility and control. Any number of new devices can be introduced via remote network connections without warning security teams. Ensuring remote workers comply with security protocols also becomes virtually impossible.

Distributed work models add new layers to cybersecurity. Installing security patches, for example, requires a new workflow. Security teams are now working with various devices with varying resource capabilities and may utilize different operating systems. Ensuring patches are installed quickly and correctly becomes a much more complex process with distributed teams than in traditional office settings.

Distributed models also generally have a much higher reliance on cloud computing, as data is stored in the cloud to make it more accessible, and work applications are sourced from the cloud. Each additional cloud resource presents its own security risks, increasing the breadth of knowledge security teams must have and the scope of vigilance they must provide.

The risk of social engineering attacks also increases as more employees connect remotely. Recent stats show cyber attackers have shifted their strategies to target remote workers, with 67 percent of attacks impacting business operations being leveled at off-site workers. One reason for the shift is remote workers depend more heavily on email and text messages, which are vulnerable to phishing attacks.

A remote employee working out of a coffee shop provides an excellent example of the many new security vulnerabilities distributed workplaces present. Stats show that 25% of remote workers prefer to work from coffee shops and restaurants rather than at home, though many remain unaware of the risks they assume in that setting.

A remote employee in a coffee shop could be using multiple personal digital devices to connect with the work network, including a laptop for accessing spreadsheets and a phone for accessing a customer relationship management app. The connection to the network is most likely through public WiFi, which is generally unsecured. In a public setting, the employee could also easily be the target of shoulder surfing, which involves a cyberattacker physically viewing an employee’s screen or keyboard to obtain information needed to gain unauthorized access to a network.

Deploying strategies for endpoint security

Endpoint detection and response (EDR) is an emerging trend in cybersecurity that effectively extends corporate security to distributed workforces. EDR essentially enhances the security team’s ability to monitor activity on remote devices. While it does not necessarily extend security measures or protocols to those devices, it allows teams to know when suspicious activity is occurring on the extended network so they can coordinate a response.

EDR involves installing software sensors on remote devices, including laptops and phones. These sensors track activity in a number of places, such as file systems and applications, with an eye for malicious behavior or intrusions. They provide real-time monitoring to detect:

  • Execution of unknown programs
  • Abnormal registry or system file changes
  • Connections established with risky IP addresses
  • Patterns of activity that may indicate malware
  • Existence of lateral movement tools

EDR monitoring leverages artificial intelligence to analyze data gathered from across the network of remote users and detect threats. EDR consoles notify security teams when threats surface, allowing them to investigate and, when necessary, respond. The key strength of EDR is the power it gives security teams to see and respond to risks remotely and rapidly.

Ideally, EDR efforts will be combined with other security protocols to create a comprehensive cybersecurity strategy. Other initiatives can include least privilege policies, zero-trust policies, and requirements for multi-factor authentication on devices used for remote access.

Providing employee training can also strengthen a business’s cybersecurity framework. With a distributed workforce model, security will be most effective when all employees understand security risks and commit to reducing vulnerabilities and preventing breaches.

During the COVID-19 pandemic, many businesses were forced to adjust their work models to allow for remote work, but as the pandemic has waned, remote and hybrid work has become the norm. As a result, cybersecurity professionals must transition their strategies to provide the best protection for distributed workforce models.

Yashin Manraj is the CEO of Pvotal Technologies

Endpoint security stock image by 3rdtimeluckystudio/Shutterstock

Related posts
CurrentMarketing

The Impact of Professional Photo Editing on eCommerce Sales

4 Mins read
For businesses striving to stand out and stay profitable in the competitive eCommerce landscape, product photo editing has become not just an…
CurrentStartup

Three Reasons Why Alumni Travel is the Industry’s Fastest-Growing Segment

4 Mins read
Travel is back with more ways than ever to experience the world. One of the fastest growing sectors of the industry is…
CurrentTechnology

Leveraging Government Cybersecurity Frameworks for SMB Protection

3 Mins read
We read too many stories today about data breaches involving millions of data records and ransomware attacks that bring down large corporate…