Yes - and here is why....
1. Most homes do not have business grade intrusion prevention devices (IPS) that are fairly standard in business environments. If employees access the internet on home or work computers - this will increase the attack surface for the company. Companies should provide better security but they may not. Employees who want to continue to work from home should make sure they have a firewall with IPS and that they follow basic security common sense - (don't open emails or click on links you do not recognize)
Here are two lists of "best devices":
https://windowsreport.com/firewall-device-for-home/
https://www.networkstraining.com/best-hardware-firewalls-for-home-small-business/
And here is Gartner's list:
https://www.gartner.com/reviews/market/network-firewalls
2. If employees are working from home and using their own devices - and in some cases even company provided devices - they will have subpar endpoint protection. Protection against malware and viruses is necessary for secure operations.
In this case - I'll just link to Gartner's list:
https://www.gartner.com/reviews/market/endpoint-protection-platforms
3. If employees are working from home - and the company has no way to manage the employee's compute devices - they are blind to what is really happening.
Again here is Gartner's list on MDM:
https://www.gartner.com/reviews/market/unified-endpoint-management-tools
4. Companies are usually blind to the exposure due to outdated software - both on internal and external devices. They should have some sort of vulnerability assessment tool.
Here is Gartner's list: https://www.gartner.com/reviews/market/vulnerability-assessment
5. Last but not least - having security professionals to monitor and manage your environment is out of reach for many companies. Either they cannot afford or they cannot find enough professionals to monitor their company's security. https://www.cnbc.com/2019/03/06/cybersecurity-expert-shortage-may-cost-companies-hundreds-of-millions.html
In the cases where companies do have security professionals - they often suffer "alert fatigue." https://www.scmagazine.com/home/security-news/in-depth/crying-wolf-combatting-cybersecurity-alert-fatigue/
Therefore, especially in the current environment - https://www.gartner.com/smarterwithgartner/are-your-new-remote-workers-visible-to-security-operations/ - companies should consider using a managed detection and response security provider who has a proven process and staff for monitoring the security of their employees. They should be "agnostic" when it comes to input of logs, cloud sources
https://www.gartner.com/en/documents/3314023
Full disclosure - I do have a bias on which solution you should use since I work for one of them:
https://arcticwolf.com/resources/press-releases/arctic-wolf-named-as-a-representative-vendor-in-gartner-market-guide-for-endpoint-detection-and-response-solutions
No comments:
Post a Comment