Security and IT teams have heard enough about mobile workforces being the “new normal.” From a security and exposure standpoint, endpoints on the move operated by non-IT (and sometimes technologically challenged) people are anything but normal. They get it—decentralized business models are the wave for the future and come with the territory in terms of talent acquisition and retention. But cybercrime is also riding a big wave of growth, and infrastructure connections on an anywhere, anytime basis play right into the hands of the bad guys.
The good news is that work from anywhere (WFA) users can be secured. Here’s how to help your clients get there in four steps:
#1 Work with the right provider
You need the right provider to help you and your clients deal with the challenges of WFA users that can be:
- Working from home. Most businesses now need to enable work-from-home at least part of the time. Notoriously under-secured home networks present challenges in both hybrid (splitting time between the home and office) and full-time WFH settings.
- Working on the move. Mobility, long essential to many business roles, can also be crucial (or at least helpful) to recruiting and retaining workers. In these cases, insecure connections from any manner of connectivity sources (e.g., coffee shop or hotel Wi-Fi, friend and family home networks, etc.) pose security risks. TIP: All workers need security awareness training, but it’s acutely vital for remote workers.
- Working at the office. With all the focus on users working from home or on the go, security at the office gets overshadowed. But it’s still vital and office security needs to mesh seamlessly with remote worker security.
The best way to tackle the complexity of these three connection types is to work with a provider that can simplify WFA security by wrapping them all into a unified security fabric that encompasses all edges and endpoint connections. In other words, the provider you work with matters—for your MSSP and your clients.
#2 Trust No Connection
Multiconnection models must verify users and devices for every application connection and user session. Zero Trust Network Access is your ticket here. And as we’ve detailed before, it’s an overlooked opportunity for MSSPs.
#3 EDR (The One You Knew Was Coming)
You’re right to call this one a gimme (of course endpoint protection is needed), but we couldn’t leave it out just ‘cuz it’s the first thing that comes to mind with remote connection security. But while we’re on the subject, we’d be remiss if we didn’t remind you that the quality of your threat intelligence and response really, really matters here.
#4 Frame it in SASE
Secure Access Service Edge (SASE) brings scalable, secure networking access to the remote workforce table. Pronounced “sassy,” SASE evolved from SD-WAN (think: could-based networking security and WAN functionality but entirely in the cloud) and has recently penetrated the IT world’s consciousness in a big way. If you’re not up on it and what to look for in a solution, we’ve got a fresh rundown for you here.