In the spring of 2020, the number of remote workers exploded in response to the COVID-19 pandemic. While this allowed many businesses to function, each new remote worker logging in to the company network posed a security vulnerability. Corporate Information technology chiefs are now kept awake by this question: How to maintain security when employees work remotely?
Before the pandemic response, the twin pillars of network risk management were cyber liability insurance and robust perimeter security. Cyber liability coverage remains as vital as ever. Perimeter security – keeping threats out of the corporate network – is a different story. When a company has many workers connecting remotely, its network perimeter has effectively disappeared. This new way of working demands a new approach to security.
Basic Remote Security: VPNs and MFA
A security starting point for remote workers is a virtual private network. Think of VPN software as an encrypted pipeline between a remote worker’s device and a business’s central network. Mandating that remote workers always have their VPN software active is foundational network security.
Ensuring that only vetted employees can gain access to the network is the mission of multi-factor authorization. To log in with MFA, a remote worker must possess at least two of these three items:
- Biometric data such as a fingerprint or face scan
- A password or an answer to a security question
- A device such as a USB dongle or a smartphone with authentication software
While VPNs and MFA bolster security, a network is still vulnerable if a cyber predator compromises a remote employee’s computer. That threat requires a more comprehensive measure.
Advanced Remote Security: UEM
When installed on both company servers and remote workers’ devices, unified endpoint management software adds to VPN and MFA functions. With UEM, network administrators can monitor the status of all network devices and ascertain that anti-malware applications are installed, up to date and properly configured. This capability lessens the risk of computers infected with keyloggers or ransomware gaining access to the entire network.
High-end UEM software suites can further reduce risk by pushing updates to remote devices. This capability overcomes security breaches resulting from workers falling behind with recommended software patches. Businesses with exceptional network security needs can use UEM as a stepping stone to an even more rigorous security standard.
Ultimate Remote Security: Zero Trust
Zero trust is as much an attitude as it is hardware and software. The zero-trust security environment functions by constantly evaluating all network users at all times. Software known as a policy engine permits or revokes network access by comparing user actions against a database of prohibited activities. When carefully implemented, zero trust provides high security without unduly burdening legitimate users.
Remote working is here to stay. With a company-wide security commitment reinforced by cyber liability insurance, a business can thrive in this new era.
About Axis Insurance
At Axis Insurance Services, we aim to help our customers identify their exposures and protect themselves. Founded in 1999, we offer insurance programs to a wide variety of professionals and industries including attorneys, real estate, healthcare, architects, and more. We also have a wholesale division. We pride ourselves on offering flexible insurance coverage tailored specifically to each customer’s needs. To learn more about our solutions, contact us at (877) 787-5258 to speak with one of our professionals.