Securing Remote Employees in 2021

Security leaders and IT heads are often seen scratching their brows on the question of protecting endpoints for the growing army of remote employees who are not on a VPN.

Organizations are keen to secure remote workers as the average cost of a breach in the US has reached $8.64 million.1

Dispelling 4 Common Myths About Securing Remote Employees

Roughly 75% of organizations are expecting employees to increase remote work arrangements even after the pandemic.2 Others have deferred the decision to return employees to the office well into 2021. CISOs and IT heads have to protect remote workers without impeding productivity. Organizations must change their approach towards security and think beyond the traditional VPN. Common approaches continue to fall short. It’s time for security leaders to assess alternatives.

Myth #1
Get everyone on a VPN

VPNs have security gaps and introduce a scalability bottleneck for remote workers due to a circuitous route to cloud applications and limited concentrator ports

  • Scaling is expensive. Split tunneling opens business to higher risk
  • Attackers exploit known VPN vulnerabilities and patching increases downtime
  • VPNs doesn’t stop threats such as ransomware, phishing, credential theft, malvertising, etc.

Myth #2
Train employees

Security training improves awareness; however, despite training, users will continue to click on malicious links, leading to successful breaches.3

  • 4% of employees will click on a malicious link, no matter how much you train them 3
  • Three-quarter of security leaders express concerns about users clicking on risky links  4
  • As attackers evolve, users struggle to differentiate good from bad and fall prey4

Myth #3
Manage risk with content filters

Although content filtering enables organizations to enforce acceptable use of policies and also reduces the attack surface, users still face challenges.

  • Increased user of the cloud makes policy management with content filtering a challenging task
  • Content filtering is ineffective when attackers use ‘allowed’ domains to deliver threats

Myth #4
Endpoint protection can stop all threats

Although anti-virus solutions protect endpoints against file-based malware, file-less malware is able to bypass these protections because there is no signature to detect.

  • Anti-virus/malware solutions fail to keep pace with the emerging threats
  • Endpoint detection and response (EDR) solutions require the support of a security team to handle alerts in a timely manner

The increasing cost of mitigating ransomware and phishing attacks will sharpen the focus on isolation-based technologies for remote users, because prevention beats remediation every time.

How does remote browser isolation secure remote users?

Remote Browser Isolation delivers simple, safe and easy access to all employees using a Zero Trust Model. It eliminates a wide variety of threats, including ransomware, malware, phishing, credential theft, weaponized documents and more.

  • Prevents attacks using malicious links and websites
  • Moves the trust away from the endpoint and performs fetch, execute, and render remotely
  • Users experience seamless and secure browsing without compromise
  • Transforms all code and content into a visual stream of harmless pixels
  • Reduces the number of security alerts
  • Stops malicious downloads and infected ads

How not to let threats reach remote employees

Without relying on employees’ discretion to click on links, remote browser isolation prevents threats in an isolated environment and stops them from reaching gullible users.

References: 1 IBM’s 2020 Cost of Data Breach. 2 CISCO Systems Report. 3 Verizon’s 2019 DBIR. 4 Cyberinc internal survey

Start typing and press Enter to search