Remote Access Cybersecurity Go-To Guide

Cybersecurity is a top priority for all businesses. Given the circumstances with the COVID-19 outbreak, companies are relying on a remote workforce more than ever before. In many cases, companies don’t have the infrastructure or expertise to quickly provide remote access and/or equipment for all employees. Instead, some end up compromising assets by allowing workers to take equipment home, like desktops and monitors.

In this article, we will review how you can leverage cloud security to help provide additional visibility, control access, and most importantly, reduce the risk associated with a large remote workforce.

Let’s start with the obvious: allowing users to take corporate assets home without first taking proper steps and/or precautions can be a nightmare. Helpdesk administrators lose remote access to desktops, multiple layers of security are eliminated, and in many cases, security teams are left with little to no visibility. The reason for this has a lot to do with the deployment methodology. Many corporate environments have not adopted cloud security and instead rely heavily on on-premise security tools.

“Only 31% of companies have consistent data protection across their devices, networks, and cloud services.”

The Data Dispersion Cloud Adoption and Risk Report

On-premise security is exactly what it sounds like: security measures physically on the premises of a business. It refers to both the hardware and software tools put in place to protect on-premise resources like desktops, laptops, and servers. Some examples include firewalls, VPNs, intrusion prevention and detection systems, and anti-virus software, along with physical security measures.

Cloud security, on the other hand, refers to a set of technologies, controls, policies, and procedures that come together to protect information. These cloud-based technologies provide infrastructure for centralized visibility, with the capability to protect sensitive data, set up rules, and support compliance everywhere.

Now that we have gone over the differences between on-premise and cloud deployment, let’s put together a list of features based on industry best practices.

Features

  1. Internet Visibility 
    A good security design provides security administrators with the information needed in order to detect, mitigate, and research attacks.
  2. Isolation
    In the event a computing resource is compromised, administrators should have the ability to isolate and remediate risk.
  3. Device health and posture
    Identify risky devices. The reality is that you can’t protect what you can’t see. Keeping track of device posture is pivotal, especially when dealing with a remote workforce.
  4. Remote device remediation
    Once a threat is identified, remotely trigger remediation of the device.


Solutions

Cisco Umbrella (Internet visibility)

Leveraging insights from Cisco Talos, one of the world’s largest commercial threat intelligence teams with more than 300 researchers, Umbrella uncovers and blocks a broad spectrum of malicious domains, IPs, URLs, and files that are being used in attacks. Cisco also feeds huge volumes of global internet activity into a combination of statistical and machine learning models to identify new attacks being staged on the internet.

This type of flexibility also gives the enterprise the ability to complete midcourse corrections to respond rapidly to sudden change. The enterprise can do a better job of maintaining a competitive edge.

Duo (Device isolation, health, and posture)

To prevent the spread of malware and stop risky devices from accessing your applications, create custom access policies and controls based on security health profiles. Duo’s Endpoint Remediation allows you to block access based on certain device factors. Closing security gaps starts with keeping devices patched and healthy.

For example, you can block any devices running out-of-date Flash or Java until the user updates their device to the latest software version. That way, you can ensure enterprise applications are protected against all known and reported vulnerabilities.

AMP for Endpoints (Remote device remediation)

Cisco AMP for Endpoints offers cloud-delivered endpoint protection and advanced endpoint detection and response. Cisco stops breaches and blocks malware, then rapidly detects, contains, and remediates advanced threats that evade front-line defenses.

  • Prevent: Block known malware automatically leveraging the best global threat intelligence and enforce Zero Trust by blocking risky endpoints from gaining access to applications.
  • Detect: Run complex queries and advanced investigations across all endpoints, and continuously monitor all file activity to detect stealthy malware.
  • Respond: Rapidly contain the attack by isolating an infected endpoint and remediating malware across PCs, Macs, Linux, servers, and mobile devices (Android and iOS).


How it all Comes Together

The Cisco Security ecosystem covers email, networks, cloud, web, endpoints, and everything in between. Cisco Talos has more visibility than any other security vendor in the world, with the sheer size and breadth of the Cisco Security portfolio and the incoming telemetry from Cisco’s customers and products. This unique visibility delivers greater context from many data points during an ongoing incident or campaign. This, along with other resources like open-source communities and internal vulnerability discovery, creates a massive amount of threat data.

A key differentiator of Talos is its ability to respond. With a broad portfolio of protection, responding to threats inside your network is simplified, from automatic configurable updates all the way to Talos Incident Response, which provides a full suite of proactive and reactive services to help you prepare for, respond to, and recover from a breach.

The Right Approach for the Right Outcome

With planning and a methodical approach to address these challenges, you put yourself in a much better position for success. It’s never too late to bolster your security measures, and there’s no better time than today to get started.

We can help. We design, deliver and operate our security services and solutions with care.

  • Assessments and roadmapping
  • Vulnerability scans and penetration testing
  • Solution design and implementation
  • 24/7/365 Managed Services
  • Real people – local – ready to help!

With our team of highly certified professionals, you’ll have all the support you need, at all hours of the day.

Call us today to find out how you can be secure in every aspect of your organization.