Protecting a distributed workforce.

16 Mar / 2020

Cyber Security

COVID-19 has quickly switched many organisations to full work remote / from home policies, and IT teams are dusting off disaster recovery and business continuity plans. We know hackers are using Coronavirus to target users, so it’s important to keep security front of mind when protecting a distributed workforce.

After talking about this topic with a few clients, I thought i’d share my security tips to consider when protecting a remote and highly distributed workforce.

Protecting Endpoints

This seems obvious, to provide some level protection from malware and exploits on endpoints. But keep in mind many organisations do not supply staff with laptops or home workstations, so they may well be accessing corporate email or data from home machines outside of the normal corporate security standards and monitoring. Keep mobile devices and tablets in mind here too. Many technology vendors are providing additional burst or top up licensing so be sure to look into this.

Get Visibility

A highly distributed workforce creates visibility challenges too. Where your users usually connected via fixed perimeters you controlled, now they could be accessing cloud and SaaS data from anywhere, on any device. A Secure Web Gateway is a good solution for this, as it provides visibility into applications and data users are interacting with, and lets you enforce your corporate security policies no matter what they’re accessing. It also connects users to a global point-of-presence network, meaning you don’t have to drag your users back through your own perimeter in order to get visibility and enable your users to access applications.

Dust off that VPN!

Suddenly that often malnourished remote access solution is critical infrastructure. If you do need to connect staff into your environment to access applications, confirm your VPN is provisioned to handle 60-75% of your workforce connecting concurrently. This is also a really good time to ensure multi factor authentication is enabled on all your entry points, including VPN’s (you would be surprised how often it isn’t!).

Cythera provides a Secure Access solution through Cato Networks global points of presence that can be stood up in hours if you need assistance here.

Be able to detect & respond.

This is really a dovetail on the visibility point, but with your users remote, accessing services from anywhere potentially on any device, logging and visibility have never been more important. Ensure you’re taking feeds from your cloud and SaaS applications, and comparing them to security and endpoint data, and running some form of behavioural and threat analysis over them. This will give you a really good head start to detecting and responding to threats before they become incidents. It might be as simple as why is Mary from HR logging in from Melbourne, and then five minutes later successfully authenticating from India. Or it might be a more sophisticated user making Powershell or API calls they have never made before. Visibility is key here. A detection and response platform can give you a good head start if you feel you’re lacking here.

Significant changes in working patterns demand that cyber security be front and centre in your IT planning. Reach out to the Cythera team if you need some air cover.

The Cythera Security Platform 


You may be interested in

Why Cythera partners with CrowdStrike to help customers achieve ACSC’s Essential Eight Level 1

Developed by the Australian Signals Directorate (ASD), The Essential 8 (E8) is a prioritised list of mitigation strategies designed to help Aust…

Read More arrow_forward

Cythera and Druva: A Strategic Alliance for Essential Eight Compliance and Beyond

For Australian companies navigating the complexities of cyber resilience, having a dependable backup solution is not just a nice-to-have, it's a…

Read More arrow_forward

Microsoft Office Remote Code Execution Vulnerability aka Follina

CVE: CVE-2022-30190What Is Vulnerable? Windows Office 2013 and later, including the latest patches for Office 2021What’s Happening?Microsoft O…

Read More arrow_forward