Securely Transitioning to a Teleworker Model

Key Takeaways:

• Transitioning to a remote workforce has its challenges in terms of logistics to get people up and running from their home offices. Organizations also need to prioritize reducing this new attack surface by consistently protecting their users and data across all platforms.
• Most Fortinet customers already have many of the tools they need to implement a security architecture that can provide an efficient and secure transition to a remote workforce.
• If it isn’t already, your BCDR (business continuity/disaster recovery) plan should be updated with a step-by-step guide for a rapid transition to a teleworker model that can be executed to prevent business disruptions

Executive Summary:

Scenario:

• A crisis that halts/slows down business operations via:
  • Pandemics
  • Acts of Terror
  • Natural Disasters
  • Loss of critical infrastructure – water, electricity, transportation, etc.

Risks of Teleworking:

• Exposure of data and resources to theft or malware by authorizing access from devices with limited or no organizational control
  • Vulnerable BYOD
• Limited visibility and control over the home networks from which remote workers are accessing corporate resources
  • Breaches resulting from direct access to cloud assets
• Service disruption caused by a large number of remote workers needing simultaneous access to networked resources

Challenges of teleworking:

• Finding a secure and scalable solution that can quickly transition a workforce to secure remote worker status with limited downtime
• Improving operational efficiency by providing remote workers with quick and secure access to networked resources
• Training novice remote workers to prevent overwhelming helpdesk resources
• Controlling access from remote users without being too restrictive on their data access

Goal of a secure teleworking solution:

• Quick and secure transition to employees working offsite 
• Minimal business disruption by enabling teams to have continued efficiency and productivity
• Automated responses that can improve operational efficiency and reduce the attack surface

Fortinet’s Security Fabric is designed to address:

• Ineffective and inefficient responses to malware breaches on the endpoint due to poor endpoint detection capabilities and the reliance on manual responses
• Breaches caused from insecure cloud access
• Malicious actors caused by lack of visibility and control due to remote users logging in from various devices and unsecured home networks

Comparing the Security Fabric with other security architectures:

• Establishes a comprehensive end-to-end security architecture that provides extensive integration to different solutions, both on and off the organizational network
• Enables secure and scalable implementation of a remote workforce by protecting remote users across all attack vectors
• Provides consistent security protection for organizations of any size by providing advanced visibility, automated responses, and central management

Full Blog:

Due to the recent pandemic that’s sweeping across the globe and affecting all industries, many companies are finding themselves stuck in a precarious situation and with a tough question to answer. “How can we quickly and effectively transition our workforce to mostly (if not all) remote users?”

Working remotely has its pros and cons, and in spite of some cultural resistance to the idea, for many employees it can actually be much more productive than requiring them to head into an actual office. However, for employers that have not already adopted teleworker solutions, rapidly switching most or all of their users to working remotely can be a technical nightmare if done improperly. Business disruption and the loss of operational continuity is top of the mind for every CISO, and to minimize those disruptions, organizations of any size should already have a BCDR (business continuity/disaster recover) plan in place. But for organizations that don’t, they now find themselves needing to quickly figure out how to quickly and securely transition their workforce to remote teleworker status.

As anyone who has had to do this before understands, switching your workforce to a remote user model can have its challenges. For one, the workforce needs to remain operationally efficient to still produce results – as well as instill a sense of normalcy to its employees. Business disruption is a critical issue, and organizations need to consider how to ensure that the technical implementations of your plan lead to no/minimal business disruptions, enable your employees to quickly access internal resources, and securely protecting them and the data they are accessing. The fallout from not being able to answer these questions can cause far more than just a few headaches for many organizations.

With users now using either personal or corporate devices to connect to a wide range of corporate resources – now highly distributed due to digital transformation – and doing some from home networks that may or may not be secured, increasing vulnerabilities and exploits making their way to – and onto – your network are a thing of certainty. Fortunately, the primary principles of security still apply across the board. That is:

• Protect your data

To protect your data, along with users operating from a remote location, organizations must figure out:

• Where is my data located?
• Who needs access to my data?
• What do they need to do with my data?

Let’s take the fictional Acme Corp with 5000 employees as an example. They are dealing with the current pandemic that has forced them to move all 5000 employees to remote worker status.

They have also identified that, due to digital transformation, their data is located both on-premises as well as in the cloud. The company is using Salesforce and other SaaS applications, so they need to make sure that those SaaS applications and related data in the cloud are secure, and that the security team has visibility into who is using them and what they are doing. Additionally, they want to protect their users and make sure that any devices they are using to access internal resources are protected.

The company has a limited security team and so they have to find a solution that is not only efficient and scalable, but also fairly simple to implement. The networking team needs to be able to centrally control users’ endpoints and apply patching and update security applications to any devices that the company manages. In the end, they decided to implement Fortinet’s Security Fabric to resolve their telework issues and overcome related security challenges.

The two teams start by implementing FortiToken and FortiAuthenticator to provide multifactor authentication and single sign-on. They then deploy FortiEDR and FortiClient to provide strong endpoint protection with automatic remediation. This enables their workforce to remotely access all of the same resources and applications that they normally used when connecting from the office. FortiClient enables the networking team to provide advanced prevention protection and scalable VPN deployments to deploy to any devices that the organization manages. The security team then implements FortiEDR to compliment FortiClient by providing advanced detection and response protection. Automation Playbooks can also be created to improve time to resolution and reduce manual interventions, from detection to resolution.

For unmanaged (as well as managed) devices, FortiNAC is implemented to gain visibility into all devices seeking network access. FortiNAC enables the two teams to work together to gain full visibility into devices accessing their network, create policies to control what those devices are able to do once connected, and then provide ongoing monitoring combined with automated threat responses. This enables the teams to allow access to internal resources while still protecting the internal network from malicious actors.

Finally, the security team leverages FortiCASB for visibility and protection for SaaS applications. FortiCASB extends data-centric security policies to the cloud, protecting valuable data, and ensures that SaaS usage aligns with compliance requirements. In this example, they can use FortiCASB to gain visibility and control over their Salesforce and Office 365 applications. FortiCASB can answer questions like:

• Who is using Salesforce?
• What data is being shared?
• Are there any compliance violations?

Finally, all of these solutions can be integrated together through the Fortinet Security Fabric platform. Unified management, configuration, and orchestration is key for reducing the time and overhead required to establish and maintain visibility and control across their new remote workforce.

Implementing Fortinet’s Security Fabric also helps Acme Corp. meet and maintain their compliance requirements when moving their workforce to remote status. It also helps reduce their attack surface by providing full visibility into devices accessing internal resources, controlling the actions they can take, and automating responses to reduce inefficiencies.

And finally, Fortinet’s Security Fabric can be deployed in any environment, including every major cloud platform and in multiple form factors, and still work as a single, integrated security system. This makes it the most comprehensive end to end security solution in the industry, enabling flexible deployment architectures and protection across all platforms.

To join our FUSE community, please click here.

Check out our latest events here

Subscribe to our Youtube community here!

If you have technical questions or need assistance contact us at telework@fortinet.com

 #fortinet #securityfabric #teleworking #fortinac #fortiedr #forticlient #forticasb