Greg Pepper has been an IT professional for 20+ years with expertise in Security, Networking and Cloud Computing. He started his career working for Sony Online Entertainment, Price Waterhouse Coopers and Organic.
Greg has spent the last 15 years working for Cisco and Check Point, helping customers to design, plan and implement secure networks throughout the Internet Edge, Campus Backbone, Data Center and Cloud Environments.
In this interview, Greg Pepper discusses how to secure a mobile workforce. His insights are particularly timely in the context of the coronavirus pandemic.
2020 accelerated remote work initiatives. What were the major IT trends that you observed?
Mobile devices have multiplied exponentially. Mobile devices often contain significantly more information about people and enterprises than laptops ever have. Professional and personal information are often mixed, presenting hackers with high-value data that can be sold on the dark web. Extraction of this data may not only turn a profit for hackers, but it could also undermine careers or business ventures.
Mobile devices are deeply intertwined within our lives. The phones that we use for work may also be used by our children to download games or Pokemon apps. Not that such apps are necessarily responsible for the spread of malware, but we often don’t have as much control over our devices as we think or as we need. To that effect, paying attention to mobile security is imperative.
How are enterprises securing remote employees who connect to company resources over unsecured home and public networks?
These days, organizations should be able to secure any user, on any device, in any application.
Organizations should be considering the security associated with the users, their identity and corporate applications and networks. Focusing on ingress and egress connectivity for users into the corporate networks, cloud networks and SaaS applications is of critical significance.
One approach uses SaaS for the security delivery to secure users’ ingress and egress traffic to the network and applications, Secure Access Service Edge (SASE) and Cloud Firewalls for egress content inspection. Traditional IPSec and SSL VPN still have a place for enterprises that have a large number of remote users with centralized data center deployments.
These can be deployed in both clientful and clientless ways across Macs, PCs, Android and iOS devices. Lastly, on-device security controls to protect users’ laptops and virtual desktops, in addition to mobile devices and tablets, are a critical part of a defense-in-depth strategy for a secure remote workforce.
How do collaboration and productivity tools present cyber security challenges?
SaaS applications require new strategies and techniques for securing users, their identities and the SaaS applications. Using identity access management and privileged access management solutions to monitor user and device logins is step one.
From there we need to consider the content and data being added to and removed from the collaboration tools. As new content (files/attachments) is being entered into the collaboration tools, you need to inspect and analyze the files for malware, ransomware and other malicious content.
You need programmatic API ways to monitor for access and for threats. It used to be ‘let’s put the software on the endpoint to do all the stuff’. Or ‘let’s move all the traffic through the network to do all the stuff’. But now, the application that previously lived in the data center, it now lives in the cloud. It lives in Slack. It lives in Zoom. It lives in O365. So, you know, we have API plug-ins. These days, we’re connected and tightly integrated with cloud applications. Once in the cloud, data needs to be monitored for egress data loss. Hackers and malicious threat actors are deeply interested in breaching data.
Organizations are doing similar things as compared to before, but they’re doing them differently. So you still need access controls and data loss prevention and advanced threat prevention and content scrubbing. You’re just doing it out of the cloud instead of via on-premise tools.
Are you seeing tradeoffs between productivity and security?
- Sadly, productivity always wins over security in many/most (95+%) organizations.
- Many/most choose the easiest path of deployment and often deploy limited security controls across many solutions.
- VPN can be zero-trust for example, but VPNs are often deployed with all users having full access to all resources.
Have you seen any mobile workforce initiatives that aren’t sustainable?
- Those that have not started.
- Those that don’t consider the full scope of mobile initiatives (users/devices/applications/security/training/support/refresh).
- Those that don’t include security from day one.
- Those that only use Mobile Device Management as security.
Did you like this interview? Check back for part 2, next week.