Helping Companies Track the Remote Work Journey

March 26, 2020

By

Nico Fischbach

Global CTO

Forcepoint

As I talk to security leaders, whether that means CISOs, Chief Risk Officers (CROs), or Data Protection Officers (DPOs), it’s clear that many companies are tracking against a similar journey as they adapt to a new way of working. Ultimately, success often depends on partnership and strong ties with other key leaders in their organization, especially the CIO or CTO. If we consider last week as the starting point in the timeline, here’s what company security and IT infrastructure leaders are working through

Week One – A network-centric and communications medium focus

Our customers who had a business continuity plan to rely on started there. At this stage in the journey, customers focused on enabling remote workers and on scaling Internet access and VPN capacity to accommodate large groups of remote users. Next, they started to dive into access-to-application capacity testing as well as making access rules more granular (for example at a country, departmental or when possible, at the application level) to make sure NGFWs and VPN access scaled to meet overall business needs while managing security exposure. This first part was about ensuring enough bandwidth to support a massive wave of remote workers in short order. Next was making sure to enable collaboration at scale, by operating in near-real time when it comes to e-mail, instant messaging and file sharing, with a good user experience when it comes to audio and video conferencing.

Week Two (the current week we’re in) – Focused on application access

For many customers, this week is consumed by ensuring access to both legacy and cloud apps at an extended level. And this includes getting a handle on the SaaS applications that have been activated to address bottlenecks or gaps identified during week one. It’s about making sure business runs smoothly across the company and the friction can be reduced as much as possible. This may mean rolling out broader remote access to a larger number of workers who need to access legacy apps through a VPN. It may also mean making existing cloud apps available to larger groups of employees, or rolling out a video conference solution from select departments to the whole company, or maybe wider access to collaboration apps. There’s a sense of urgency to ensure all employees have access to the tools that help them get work done remotely and adjusting to the local “office” constraints, e.g. the capped bandwidth limits at home or the shared use of computers in some cases.

There’s a risk on this front I’m warning customers about: the sense of urgency also extends to remote workers. They are eager to get access to the apps they need to be effective, which sometimes means creating accounts to access free or premium versions of cloud apps, i.e. shadow IT making a comeback. Also, in times like these, where employees might be setting up apps, they may fall victim to sophisticated phishing attacks that look remarkably like the legitimate setup processes they’re trying to work through. End result, security teams should expect increases in phishing attacks meant to hijack employee credentials. It’s a good time to remind employees of this reality to help them be better prepared.

Week Three – Time to fine tune, focus on data and a first “lessons learned” review

Next week, as companies start shifting from a critical operations business continuity mindset to one that is more business-as-usual -one that is likely to last-they will most likely focus more time and energy around fine-tuning and making access to networks and applications more granular, as well as reviewing their security posture to include their data protection needs. It’s a given that most companies leveraged the cloud to help scale over the past few weeks.

In week three, I also expect some customers to focus on data protection. As more employees access cloud apps and want to overcome bandwidth limitations by storing data locally, there will be a greater need to get a handle on how to secure the workarounds: employees using personal cloud storage solutions to store work-related files if they didn’t have access to the corporate editions, or employees emailing work-related files via their personal free email accounts to circumvent file size limitations. In many cases, that means researching data loss prevention (DLP) solutions as well as how cloud access security broker (CASB) solutions could help with their brand new or expanded and distributed hybrid IT system.

Beyond technology, this is a time to assess lessons learned from invoking business continuity to better understand what to transfer to “business-as-usual” operations in order for the business to move ahead. As an example, at Forcepoint we analyzed data gathered during our remote work tests from a couple weeks ago (we shut offices two consecutive days pre-lockdown to test work-from-home at scale) to assess where we need to put more resources, validate processes and identify gaps early – as a leadership team. It’s also showing us which areas of the business are experiencing little to no impact. Understanding this data also tells us where we need to revise our business continuity plan or if our plan is working as designed.

Some companies don’t have a complete business continuity plan in place or they may need to update the one they have. As this becomes the new way of working for the foreseeable future, this is a foundational aspect of keeping a business operational. Additionally, good business continuity plans can also help mitigate negative long-term impacts to business.


Tips for Securing and Enabling Large Groups

March 20, 2020

By

Carl Eberling

Chief Information Officer

Forcepoint

As the COVID-19 (Coronavirus) continues to affect globally, many companies to implement work from home plans to keep its employees safe and restrict the spread of the disease. At the same time, businesses are investing on the technology infrastructures to enable employees be prepared to ensure business continuity of their customers in securely and effectively from any location in the world.

Here are some tips to secure and enable remote workers:

  • Rely on your organizations’ emergency preparedness or business continuity plans.

               Now’s not the time to re-invent the wheel. Use this opportunity to validate work from home security and 

               capacity assumptions.

  • Understand workflows by department to better understand what applications those groups of employees need to get their jobs done.
  • Implement a rolling work from home policy for a limited number of employees or locations at a time in order to test access by department or work type.
  • Spend time thinking through your communication strategy. Will you communicate at the department level? Regional or office level? How will you communicate the most important updates to all employees?

 

  • Test your security plans for both access and capacity.

                Key here is to think through how well your existing security strategy scales to accommodate a large                            increase in remote workers.

  • Are you factoring in requirements for on-premises, cloud applications and hybrid environments your employees need to access to do their jobs?
  • Does your single-sign-on platform incorporate appropriate levels of security? If not, what gaps need to be addressed?
  • On the cloud application front: do the cloud applications your employees use have appropriate levels of elasticity? Can you easily scale to hundreds or even thousands of users to support bursts of users?

 

  • Test your VPN for both security and capacity.

               A strong VPN strategy is a foundational piece of keeping people and data secure. This is even more true as 

               organizations plan to accommodate large groups of remote workers.

  • Understand the total number of remote workers you need to support and plan a 2x VPN capacity of that number to ensure consistent operations.
  • Test for security and capacity at the department level. What applications do marketers need to use compared to developers or finance and accounting? Like mentioned previously, a rolling work from home program can help you test at this level.
  • Create separate private, performance-focused VPN connections for dedicated groups of employees to accommodate critical work. For example, you may create a specific VPN for accounting team members to access during end of quarter activities. Or you may create a specific VPN for development team members to accommodate their building key feature enhancements to internal core business applications.

Emergencies like these happen and that’s why organizations create business continuity plans in the first place. Companies need to use these opportunities to validate and scale work from home assumptions. Make sure your VPN and broader security strategy covers all applications your workforce needs to do their jobs no matter where those applications reside. Following the above tips can go a long way to ensure organizations’ security without sacrificing employee productivity.


Forcepoint Deepens Relationship with Amazon Web Services; Offers Security Solutions Through AWS Security Hub

March 2, 2020

Forcepoint DLP is one of the first data loss protection technologies to integrate with AWS Security Hub, alongside CASB and NGFW offerings

MUMBAI/BENGALURU, India – March 2, 2020 – Global cybersecurity leader Forcepoint today announced that three of its products are fully integrated and available through AWS Security Hub, providing up to 40,000 enterprises worldwide with a comprehensive, aggregated view of security alerts generated by Forcepoint’s risk-adaptive cybersecurity solutions.

Forcepoint DLP is one of the first data loss protection products to integrate with AWS Security Hub, while Forcepoint CASB is the second cloud access security broker product offered by Forcepoint in co-operation with the service. Integration with Forcepoint’s NGFW is now also available through AWS Security Hub, offering customers visibility across both their on-premises and Amazon Web Services (AWS) environments. All three Forcepoint services went live on February 20.

Part of Forcepoint’s robust and open technology partner ecosystem, the AWS Security Hub integrations are designed to help enterprises extract more value from their existing security investments while keeping users and data at the center of their cybersecurity architecture.

AWS Security Hub offers security professionals a comprehensive view of high priority security alerts and compliance status across their AWS accounts and using a wide range of security tools.

In today’s fluid-perimeter world enterprises are facing the Sisyphean task of protecting both their valuable data and their people from cyberattack, data breach or insider threat. We understand that enterprises need frictionless cybersecurity partners who can help future-proof security architectures through interoperability with an open ecosystem,” said Nicolas Fischbach, CTO, Forcepoint. “Our co-operation with AWS offers our customers direct insight into security findings across a range of leading Forcepoint products, making it a more efficient process to manage and remediate incidents.”

We’re happy to enable customers with a Forcepoint AWS Security Hub integration. AWS Security Hub makes it easier for customers to identify and manage all of their AWS-related security and compliance findings,” commented Dan Plastina, Vice President, Security Services, Amazon Web Services, Inc. “Enabling users to obtain meaningful insights from Forcepoint DLP right alongside the findings provided by AWS and other partners lets our customers do more, in less time.”

Forcepoint’s technology partner ecosystem

Announced in February 2019, Forcepoint’s Technology Partner Ecosystem is designed to enable customers to achieve their digital transformation outcomes, whether they are operating in a cloud-only, hybrid architecture or on-premises environment. Only Forcepoint today offers a cloud-first, hybrid-ready behavior-based security platform delivering user, data and edge protection for enterprises and government agencies around the world.

Forcepoint aims to simplify collaboration between vendors to create an integrated security stack, with partners spanning risk-adaptive support, data and edge protection and infrastructure and app integrations.

Today’s IT decision makers should align their organizations around an end-to-end view of enterprise security and information protection, and that includes cloud environments,” Fischbach concluded. “Today’s cloud security requires utilizing converged services, which is key to consolidating the number of tools in a security infrastructure for maximum effectiveness and reduced operational burden.”

Forcepoint’s technology alliances include AWS, IBM Security, Microsoft, Citrix, Boldon James, Ping Identity, Okta and more.

Resources:

Forcepoint Integration with AWS Blog

Harnessing the Power of The Cloud Starts with Securing It Whitepaper

Video demos: DLP, CASB and NGFW

Amazon Security Hub Solution Page

Amazon Security Hub FAQs

# # #

About Forcepoint

Forcepoint is the global cybersecurity leader for user and data protection. Forcepoint’s behavior-based solutions adapt to risk in real-time and are delivered through a converged security platform that protects network users and cloud access, prevents confidential data from leaving the corporate network, and eliminates breaches caused by insiders. Based in Austin, Texas, Forcepoint creates safe, trusted environments for thousands of enterprise and government customers and their employees in more than 150 countries. www.forcepoint.com

Join Forcepoint on Social Media

Facebook: https://www.facebook.com/ForcepointLLC/

LinkedIn: https://www.linkedin.com/company/forcepoint

Twitter: https://www.twitter.com/forcepointsec Instagram: https://www.instagram.com/forcepoint


%d bloggers like this: