
Security Solutions for Business Continuity

Security solution options

Bad actors are already exploiting knowledge workers, home agents, healthcare providers and students operating remotely. Security professionals are suddenly confronted with securing an exponentially larger attack surface. By focusing on the following areas, organizations can establish a security posture designed to ensure business continuity.

Encryption

With more employees, students and healthcare professionals working from either personal devices or those issued by IT departments, device encryption is one of the easiest ways to prevent data loss or theft. Both Microsoft and Apple offer built-in utilities for encrypting whole storage systems, files and folders.

Whole disk encryption renders data stored on a device unreadable should it be lost or stolen. File and folder encryption allows users to add extra protection around sensitive data. For instance, if a device is shared by multiple household users, business, education and healthcare files would become unreadable by anyone but the person who knows the encryption key.

Identity and access management

Identity and access management (IAM) is a framework that streamlines the authentication, authorization, automated provisioning/de-provisioning and access review process. By implementing an IAM policy, organizations can ensure the right people and devices have the right level of access at the right time, including people and devices outside a corporate network. 

One way to implement an IAM policy is by developing a strategy around multi-factor authentication (MFA). MFA helps mitigate identity risk by requiring additional authentication methods on top of credentials. Selecting an MFA technology requires striking a balance between the level of risk mitigation required and the level of burden placed upon users.

Endpoint protection and detection 

Every individual's endpoint device is a gateway to an enterprise’s environment. A bad actor may not be interested in the data on that device but is likely very interested in using it to further penetrate a network or escalate their privileges to gain access to business-critical systems and data. 

All endpoints accessing corporate information and systems should be protected by an endpoint protection platform (EPP) and an endpoint detection and response (EDR) solution. These solutions secure the endpoint before or during an attack. Most solutions also offer the ability to actively detect, respond to and mitigate breach incidents should they occur.

Endpoint management and patching

One of the best ways to guard against bad actors is staying up to date on patching known vulnerabilities. As patches are released, they must be tested by organizations to ensure they don’t disrupt business continuity. This takes time and people.

Schedules must be coordinated for a maintenance window as patches are uploaded to the patching systems and then pushed to every remote device and system. Even with this planning, a percentage of machines will not get the patch. This could be because they are offline or powered off, or because they experience connectivity disruptions. With the increase of remote workers and systems, an effective patching program is a must.

Data loss prevention

Every organization needs a strategy to ensure the safety of the data they hold, especially those operating in highly regulated industries. Data Loss Prevention (DLP) solutions include products that monitor email and file transfer traffic, looking for patterns that match information such as credit card numbers, social security numbers and medical terms. These products focus on the movement of data that may not conform to corporate policy. 

DLP solutions may also implement a way to disable the use of USB drives on the endpoint, eliminating the risk that protected information is copied and possibly removed from remote environments. Solutions can also monitor file movement to, from and between cloud environments.