The COVID-19 pandemic has forced many firms to mobilize around work-from-home (WFH) to slow the virus’s spread, care for employee wellbeing, and ensure business continuity. Yet, the rapid and unplanned broadening of WFH instances weakens cyber resiliency, leading to increased exposure to cyber threats and, in a twist of fate, a step backwards in business continuity.
With WFH mobilizations, IT security operations will be strained to ensure:
- Control – Lacking logical and physical control of end-user devices and their access networks (e.g., home Wi-Fi), remotely enforcing corporate-defined security policies at these control points is not possible.
- Uniformity – Before WFH mobilization, end-user devices and networking components were standardized based on IT-defined specifications. After WFH mobilization, exceptions multiply, as do the challenges of maintaining a uniform security state across operations and employee roles of similar business criticality and cyber risk.
- Visibility – Absent a virtual presence on end users’ devices and their access networks, security analysts are sensory deprived. Telemetry, used to build storylines of multi-stage attacks and compromised systems, is not as plentiful. Consequently, detection and response times lengthen, and post-incident, system-wide removal of adversaries’ silent malware and backdoors becomes less certain.
- Support – The ability to support end-users and the firm in general will be stretched as IT teams are also dislodged from their traditional work environments and routines. For example, as IT frequently has hands-on responsibilities in endpoint security (e.g., maintaining device inventory, deploying security agents, patching systems, scanning for software vulnerabilities, and configuring device, DNS, proxy, and host security settings), systematic follow-through on these responsibilities across a suddenly more diverse and remote IT footprint has the potential to suffer.
What IT Teams Need to Consider about Extending Endpoint Security
Extending endpoint security solutions into WFH environments can soften this operational strain and strengthen cyber resiliency. While endpoint security vendors are stepping up during this crisis with complimentary offerings, IDC recommends that IT security teams first consider the following solution attributes before enrolling in a free offering:
- Advanced, always-on protection and prevention capabilities
- End-user transparency
- Breadth of supported device platforms
- Ease of software agent installation and policy administration
- Technical support
To explore IDC’s additional perspectives on cyber resiliency during this pandemic crisis, read Endpoint Security Vendors Stepping Up to the COVID-19 Work-From-Home Mobilization.
We also recommend reading IDC TechBrief: Self-Healing Incident Recovery to learn more about a valuable endpoint security feature in recovering from ransomware attacks.
The coronavirus (COVID-19) pandemic is impacting the global economy at nearly every level. Anticipate market challenges and keep business moving with IDC’s extensive COVID-19 research and advice.