
Summer is just about over. You may have missed it as we kept our distance and curbed many of our travel plans. As the reality of a continued work from home, school from home, and stay at home hit our home; we hit the road to capture a bit of summer, heading into the Pacific North West. While watching the clouds roll above the remote beaches along the Oregon coast, I wondered if the coming winter would bring with it a perfect storm for attackers.

In the early spring, organizations around the world were forced to adapt or face extinction. In haste, we answered the demand for remote access. And like most things done in haste, we may have forgone the details that will protect us in the near future. Increasingly we saw customers sacrifice their organizational policies around remote access and allow unknown and unrestricted devices to access their network. We are talking remote workers using their BYOD, from anywhere!

Classic BYOD stands for Bring Your Own Device into the company’s campus. But their workplace can be anywhere these days. With the hastily-executed remote worker solution, it can actually stand for Bring Your Own Disaster. It should go without saying, but allowing uncontrolled, unhygienic (and untrusted) endpoints to freely log in to the network from remote locations to access resources – with diminished visibility and control – poses an immense threat. And as organizations rushed to fill the demand for remote access, many asked their employees to do just this. To get the job done, employees were asked to access their organization’s highly prized private networks with their own devices. A device that they may share with their kids. We already know that they are sharing the same home network and Internet. Does this feel like a perfect storm for a disaster brewing?

Preparing for the winter ahead

Like the changing seasons, remote work may not be something we can opt out of, but at least we want to do it without any disastrous consequences. Network access, be it remote or local, should always be controlled with a unified policy in place – in a way that, at any point in time, an organization knows who is connecting, through what device, and whether that device is compliant with the organization’s policy. Cisco Identity Services Engine (ISE) gives you this level of visibility and control. ISE enables you to decide whether the endpoint should go through policy remediation before it is allowed onto the network, and lets you control what the endpoint has access to. Now your policy extends to the user and endpoint no matter how or where they connect.

If your organization uses an endpoint management solution (MDM / EMM / UEM, etc.) to manage enterprise endpoints – that’s great. Connect it to your instance of ISE and gain the added visibility and control required to ensure that devices not managed by the MDM first have to register and undergo a compliance check. No MDM? No problem! ISE can also ensure that the employee’s remote workstation meets a list of requirements (a baseline OS version, required security software, etc.) to ensure compliance and limit risk.

Answer the call of the wild

Your remote access solution must ensure that all endpoints connected to the network are onboarded in a way that provides visibility into who and what is connecting. Access should be limited, based on device ownership and hygiene, to only the required network segment(s) – based on the user’s business role (remember? No BYO … Disaster!). And if something happens and they do get hit (for example, someone’s daughter or son clicked on the wrong “I agree” button and downloaded malware that was detected by your firewall), the remote worker’s laptop or tablet policy will “automagically” change to a quarantine segment before it becomes, well, you know it by now – a disaster – preventing this malware from moving further throughout your network. With the required visibility and controls in place, IT can tame the wilderness of remote access and rapidly answer the call of the mobile workforce without increasing organizational risk.
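The decision flow described in the last two sections (register unmanaged devices, check posture against a baseline, segment by business role, and quarantine on a threat hit) can be modelled as a small policy engine. This is an added illustration written for this post, not ISE’s own API or configuration; the baseline values, segment names and endpoint records are constructed for the example.

```python
from dataclasses import dataclass, replace

# Baseline requirements an organization might set (constructed values).
MIN_OS_VERSION = (10, 15)
REQUIRED_SOFTWARE = frozenset({"edr-agent", "disk-encryption"})
ROLE_SEGMENTS = {"finance": "seg-finance", "engineering": "seg-eng"}


@dataclass(frozen=True)
class Endpoint:
    user: str
    role: str                      # business role that decides the segment
    mdm_managed: bool              # enrolled in the MDM / EMM / UEM
    registered: bool               # completed BYOD registration
    os_version: tuple              # (major, minor)
    security_software: frozenset   # agents reported by the posture check
    threat_detected: bool = False  # e.g. the firewall flagged malware


def posture_findings(ep):
    """Return the unmet baseline requirements (empty list = compliant)."""
    findings = []
    if ep.os_version < MIN_OS_VERSION:
        findings.append("os-below-baseline")
    for sw in sorted(REQUIRED_SOFTWARE - ep.security_software):
        findings.append(f"missing-{sw}")
    return findings


def authorize(ep):
    """Map an endpoint to the segment it is allowed onto, most restrictive first."""
    if ep.threat_detected:
        return "quarantine"              # isolate before lateral movement
    if not ep.mdm_managed and not ep.registered:
        return "registration"            # unmanaged devices register first
    if posture_findings(ep):
        return "remediation"             # fix posture before real access
    return ROLE_SEGMENTS.get(ep.role, "deny")   # least privilege by role


def on_threat_event(ep):
    """Re-authorize the existing session when the security stack reports a hit."""
    return authorize(replace(ep, threat_detected=True))


if __name__ == "__main__":
    # Constructed sample: a managed, compliant finance laptop that later gets hit.
    laptop = Endpoint("alice", "finance", True, True, (11, 0), REQUIRED_SOFTWARE)
    print(authorize(laptop), "->", on_threat_event(laptop))
```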

With remote workers predicted to grow in frequency by 83% by 2021, saving US companies over $30 billion a day in lost productivity, the requirement for remote access is here to stay. It doesn’t have to compromise security – all we need to do is use the right solutions to ensure that we limit our exposed attack surface, prevent threat vectors from flourishing, and regain visibility and control of our network – regardless of where those devices are located and how they connect.



Authors

Yuval Shchory

Sr. Manager, Product Management - Security Policy and Access

Enterprise Networking Business