The COVID-19 virus outbreak, also known as the coronavirus, has caused major supply-chain disruptions for a wide range of industries around the world. Aerospace companies Airbus and Boeing and automakers Tesla and G.M. have closed production facilities, while Apple announced that it may miss its quarterly revenue numbers, all due to the coronavirus.
COVID-19 has also resulted in major global employers, including technology companies Amazon, Google, Microsoft, Facebook and Twitter, requiring their employees and third-party contractors to work from home.
Today, 43% of all U.S. employees work off-site at least part-time, according to Gallup’s State of the American Workplace report. Research also shows that employees believe working remotely is not a productivity hindrance while the majority of Americans feel that remote workers are just as productive as those who work in an on-site office.
With companies now adopting remote work en masse due to the coronavirus threat, online security has become a critical issue as organizations must protect their employees, third-parties and contractors, digital assets and customer data against not only the biological virus but also cyber criminals.
In response to crises such as the coronavirus, organizations should have IT disaster recovery plans in place that have been developed simultaneously with business continuity plans. This includes business priorities and recovery time objectives for IT resources along with a business impact analysis. Technology recovery strategies should also be developed to restore hardware, applications and data in time to meet the needs of the business recovery in the event of an outage.
Secure remote access also plays a critical role when considering disaster recovery and business continuity as organizations must be flexible enough to enable remote work for a majority of all of their employees while still achieving normal workforce productivity despite external disruptions.
The coronavirus, a disruptive biological event, has forced organizations to shift their employees and IT resources so that they can function in work-at-home scenarios or in secure locations.
Banks and financial institutions have installed screens in securities traders’ homes to help slow and stop new coronavirus infections through employee isolation. And while investment bankers, engineers, IT staff, human resources, and senior management can work from home, workers such as traders or salespeople that must meet regulatory requirements are faced with technological limitations that must be solved.
Goldman Sachs, JPMorgan Chase, Morgan Stanley and Barclays’ business continuity planning all called for isolating and protecting employees in Asian countries at the coronavirus outbreak epicenter.
“We’re practicing,” said a senior executive at one large US bank. “You don’t want to wake up and find that the US has half a million cases and someone tells you to send everybody home.”
Now, to prevent banking employees from being quarantined globally over coronavirus, financial institutions are looking at spreading workers out between head offices and disaster recovery sites that have the same technical capabilities as their main sites, according to the Financial Times.
Many organizations let their employees, contractors, business partners, and vendors use enterprise remote access technologies to perform work remotely using organization-owned and bring your own device (BYOD) client devices that must be secured against data breaches and theft. Security concerns include the lack of physical security controls, the use of unsecured networks, connection of infected devices to internal networks, and the availability of internal resources to external hosts.
In addition, security policies and agreements with third-parties regarding device security cannot always be enforced, potentially leaving unsecured, malware-infected, and compromised devices connected to sensitive organizational resources.
Therefore, to secure organizations using remote access technologies and mitigate BYOD and third-party-controlled access risks to network resources, the National Institute of Standards and Technology (NIST) recommends that organizations implement the following controls:
Plan remote work-related security policies and controls based on the assumption that external environments contain hostile threats.
Develop a remote work security policy that defines telework, remote access, and BYOD requirements.
Ensure that remote access servers are secured effectively and are configured to enforce remote work security policies.
Secure organization-controlled remote work client devices against common threats and maintain their security regularly.
If external device use (e.g., BYOD, third-party controlled) is permitted within the organization’s facilities, strongly consider establishing a separate, external, dedicated network for this use with remote access policies.
NIST also recommends placing remote access servers at the network perimeter and defines four types of remote access methods:
Check Point enables organizations to meet NIST remote access security standards and more while easily managing least privilege access to internal resources with real-time, intelligent trust decisions based on defined policies and contextual data. Check Point’s zero trust architecture also restricts user access to authorized resources so that the right people have access to the right resources at the right time, without the need for a VPN.
With granular access control over and within each resource, based on the dynamic and contextual assessment of user attributes and device state, the zero trust solution provides a rich set of rules that can be enforced across all users, servers and enterprise data stores, including user commands and database queries.
The security of remote access servers, such as gateways and portal servers, is also important as they let external hosts access internal resources, as well as provide a secure, isolated remote work environment for organization-issued, third-party-controlled, and BYOD client devices.
Check Point provides several secure remote access options for remote workers, including VPN Replacement, Third-party Access, Developer Access and Privileged Access Management (PAM), as well as application, database and remote desktop access that meets or exceeds NIST security controls.
VPN Replacement:
Companies no longer have corporate data centers serving a contained network of systems but instead, typically have some applications on-premises and some in the cloud with employees accessing these applications from a range of devices and multiple locations – including their living room, airport lounges, hotel conference rooms, and their local cafe.
This poses security challenges that were not an issue only a decade ago. Companies can no longer rely on perimeter-based security models that focus on letting good guys in and keeping bad guys out.
The zero-trust access solution is designed for the complexities of the modern digital environment. Privileged access to private company web applications is granted only once the user and device are fully authenticated and authorized at the application layer, eliminating implicit trust from the network.
Third-Party Access:
Freelancers and contractors are an integral part of today’s workforce. Managing their access to sensitive data at scale is a nearly impossible task, exposing companies to potential security risk. Perimeter-based solutions provide no visibility into user activity. Only 34% of companies know the number of individual log-ins that can be attributed to third-party vendors.
With Check Point, role-based controls allow administrators to easily provision and deprovision access to (and within) internal applications and limit access in both time and scope. Moreover, administrators receive full activity logs that provide visibility on all third party activity. Security teams no longer have to waste valuable time trying to set up and manage complex workflows.
Developer Access:
Today’s rapid pace of development and deployment increases the need for accessibility, which in turn increases the risk of simple human error that can corrupt, delete, or drop valuable data from your database. But traditional perimeter-based security methods often restrict the agility of development. As a result, developers are often given administrator privileges, which attackers can exploit to move laterally around your network.
Check Point eliminates the need to give developers such broad access rights. Check Point integrates natively with database protocols, providing developers with a quick and secure connection to any database through their terminal. Any underlying security measures are undetectable. At the same time, Check Point’s role-based access controls allow administrators to easily provision and deprovision access to (and within) any database and limit a developer’s role down to “view only”, completely blocking their ability to write, drop or alter the database.
Privileged Access Management (PAM):
Securing privileged access to servers has traditionally focused on key management. But managing, tracking, and rotating keys at scale is a nearly impossible task. Credential theft is still one of the most efficient and effective attack vectors with three out of four enterprises vulnerable to root-level attacks due to SSH mismanagement.
Check Point’s zero trust architecture secures privileged access to servers via a built-in PAM solution designed to eliminate the need for users to hold static credentials. Instead, users authenticate to a server using either a short-lived token or a public-private key pair, both of which are issued and managed through Check Point. The keys are rotated periodically and can be manually revoked at any time, instantly cutting off all access.
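As an added illustration (not Check Point's implementation and not code from the original article), the sketch below shows the general idea of replacing static credentials with short-lived tokens whose signing keys are rotated and can be revoked. The `TokenBroker` class, its method names and the HMAC token format are assumptions made for this example.

```python
import base64, hashlib, hmac, json, secrets, time

class TokenBroker:
    """Hypothetical broker issuing short-lived, HMAC-signed access tokens."""

    def __init__(self, ttl_seconds=300):
        self.ttl = ttl_seconds
        self.keys = {}               # key id -> signing key
        self.revoked_users = set()   # users cut off before their tokens expire
        self.rotate()

    def rotate(self):
        """Start signing with a fresh key; older keys stay valid until retired."""
        self.current_kid = secrets.token_hex(4)
        self.keys[self.current_kid] = secrets.token_bytes(32)
        return self.current_kid

    def retire(self, kid):
        """Drop a signing key: every token signed with it stops verifying."""
        self.keys.pop(kid, None)

    def revoke_user(self, user):
        self.revoked_users.add(user)

    def issue(self, user, server, now=None):
        now = time.time() if now is None else now
        claims = {"sub": user, "aud": server, "exp": now + self.ttl,
                  "kid": self.current_kid}
        body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
        sig = hmac.new(self.keys[self.current_kid], body.encode(), hashlib.sha256)
        return body + "." + sig.hexdigest()

    def verify(self, token, server, now=None):
        """Return the user name if the token is valid for `server`, else None."""
        now = time.time() if now is None else now
        try:
            body, sig = token.split(".")
            claims = json.loads(base64.urlsafe_b64decode(body))
            key = self.keys[claims["kid"]]   # unknown or retired key -> reject
        except (ValueError, KeyError, TypeError):
            return None
        expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig.encode(), expected.encode()):
            return None
        if claims["aud"] != server or now >= claims["exp"]:
            return None
        return None if claims["sub"] in self.revoked_users else claims["sub"]
```

A stolen token is only useful until it expires, and retiring a key or revoking a user takes effect on the next `verify` call, with no static credential on the server to hunt down.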
Additional benefits: