How Will Work From Home Change Vulnerability and Patch Management for Businesses in the Future?
COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside the protection of the IT department’s managed environment, IT and security teams have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.
Supporting employees who are working from home presents a number of new security challenges. The main issue is that employees are no longer working under the umbrella of their workplace’s security network, which provides heightened safety measures and scheduled updates and patches. Vulnerability management and patch management become increasingly difficult to carry out effectively when you consider the role of VPNs, BYOD, and cloud services. As we move to the new normal, businesses will have to adjust, as the current work-from-home environment is here to stay. If anything, COVID-19 has proven that many businesses can effectively operate outside of the office, and as such, these are new security issues that business and IT leaders will have to consider while maintaining the same operational capacity.
Each of the challenges listed will have to be dealt with as we shift to the new normal. Consider how the work-from-home (WFH) status quo will change the use of VPNs and remote security. Patching solutions already have limitations when it comes to remote patching; even Windows is not immune to the problem. VPNs still must communicate with on-premises infrastructure to remain updated and unified. As a result, IT teams will have to spend additional time restructuring an enterprise’s VPN network to accommodate the additional VPN traffic, so that WFH employees remain up to date in their patching and any vulnerabilities are managed.
In turn, the increased traffic has the potential to overload underprepared networks, creating lag or downtime for employees trying to connect remotely. Enterprises seeking to accommodate VPN usage could allow individuals’ devices to download directly from Windows to increase available bandwidth. In doing so, however, IT departments will lose more control over the security of their networks and their patching visibility. IT departments will need to decide whether to restructure their VPN to accommodate the additional traffic or forgo this to maintain their patching cadence.
Another new consideration with the work-from-home environment is the increased introduction of personal devices and a shift toward bring your own device (BYOD). Again, businesses that were not set up for the increase in WFH may now be dealing with a multitude of potentially unsecured devices. While workplaces have adapted to BYOD, the majority have not adopted it. Furthermore, making this transition in a short period is difficult, almost to the point of being unmanageable. Enterprises must now cope with having corporate data accessed from unsecured devices. Security teams will need to consider how they can ensure patching fidelity on these devices without having direct oversight of the process.
Businesses should consider implementing hybrid cloud-based patch management solutions. These can help to ensure that people who are working from home can still report regularly to their on-premises network. Cloud services allow for continual updates and results, but this relies heavily upon your relationship with your vendors. This approach solves one of the problems with VPNs by addressing network bandwidth and throughput. It is also promising that many vendors have increased their offerings of BYOD considerations and licenses to maintain security and compliance during the pandemic.
Understandably, many businesses’ primary focus is simply staying afloat during COVID-19, and as such, they are unable to restructure aspects of their IT processes. Hybrid and cloud support are excellent ways to alter your business processes without a major overhaul. Because we’re still unsure how long the pandemic will persist, security and IT should aim to support all offsite systems. Patching is a foundational aspect of business security, but it is not the only aspect. A layered security approach is best, especially in a remote work environment where security threats can come from a myriad of new vectors. Use a full toolkit of security options, including vulnerability management options, privileged access management, application whitelisting, regular backups, education and training, multi-factor authentication, etc.
Remote environments and work from home will change how business takes shape moving forward. COVID-19 has proven that many businesses can still operate effectively in a remote environment. Security and IT should continually work to maintain these new connections to the best of their abilities and to retain some form of patching cadence, even with remote work. With a hybrid approach to security and cloud-based patching options, work from home will remain a viable option, likely stretching beyond COVID-19 and introducing new security and IT considerations within businesses.