businesses are closing offices and asking employees to work from home

61%

63% | 60%

95%

80%7/10

85%

20%^

50%

traditional firewall and VPNare failing to deliver

Inventory assets. Identify all legitimate endpoints (including BYODs) connecting to your network computing infrastructure. Be able to pivot and better support increasing network traffic, including with supply chain partners, with help from the cloud.

Identify traffic at an advanced application level. Ensure you have protection and processes against suspicious macro enablement, file-less malware threats, and distributed denial of service (DDoS) inlets.

Leverage cloud-based security solutions to rapidly deploy always-on protection that follows users wherever they go, even when people are not using the enterprise VPN.

Ensure you have the ability to quarantine or isolate suspicious or known-infected hosts to reduce the risk of lateral malware spread.

Make your company a far more difficult target. Protect your authentic users with not only antivirus and antispyware, but multiple-factor authentication and endpoint detection and response (EDR). Encrypt data on the endpoint device’s disk and across the WAN at large.

Microsegment. Split WAN traffic into subnetworks to secure communications from workstation to workstation, workstation to server, and server to server, reducing attack surface and risk.

6 best practices for securing remote workers:

“By 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less

than 1% at year-end 2018.” ¹⁰

www.opaq.com

Footnotes

1) iPass: “An iPass survey – 2018 Mobile Security Report,” March 2018.

2) 451 Research: “The Shift to Security as a Service.”

3) IBM: IBM X-Force Threat Intelligence Index, 2019.

4) Syntonic, “Syntonic-ISG Research Reveals Employee Apprehension to Use Personal Devices for Work Due to Lack of Reimbursement, Jeopardizing BYOD Productivity Gains,” Nov. 2016.

5) Upwork: “Future Workforce Report,” Feb. 2018.

6) Ponemon: “2018 State of Endpoint Security Risk,” 2018.

7) Lookout, “Mobile phishing 2018: Myths and Facts Facing Every Modern Enterprise Today,” 2018.

8) Ponemon Institute: “The 2017 State of Endpoint Security Risk.”

9) Verizon: “2017 Data Breach Investigations Report.”

10) Gartner: “The Future of Network Security Is in the Cloud,” Aug. 30, 2019.

Security risks

Nearly half of CIOs said bring your own device (BYOD) initiatives had increased security risks 1.

The rate at which mobile users are falling for phishing attacks on mobile devices has risen an average of 85% per year since 2011 7.

87% of companies rely on employees using personal devices to access business apps 5.

95% of cybersecurity breaches are the result of human error, the attacker most often gaining a foothold through prone end users and not the IT department 4.

A 2018 study discovered a 20% increase in the number of companies compromised by attacks originating at their endpoints 6.

7 out of 10 organizations did not believe antivirus protection was enough to prevent attacks against their systems 8.

61% of recorded breach victims were companies with less than 1,000 employees 9.

SECURING REMOTE WORKERS using a secure access service edge (SASE)

63% of U.S. companies have remote workers1 and more than 60% say they have moderate to no visibility over all their distributed network assets 3.

1

2

3

surrounding remote workers are worse than you might think

Digital and workforce transformation has given us persistent drivers for remote access, such as work-life balance, distributed workforce and the adoption of cloud. COVID-19 is driving this transformation to an extreme and changing the way network

access and security must be delivered. The model is called Secure Access Service Edge (SASE), as dubbed by Gartner, a

leading global IT research and advisory firm.

Social distancing will reduce the risk of contagious diseases from spreading. All those workers logging into your VPN from home

will challenge both your network capacity and endpoint protection. With far more devices now connecting to the

corporate internet, firewall and VPN systems than they were designed for, network performance will suffer. Employees

looking to be productive will bypass the security of your VPN in order to access cloud services. This is especially concerning

because they will likely also be doing this from their personal computers, on which you have no security controls at all.

You can reduce the risk of contagious physical viruses spreading through remote access and social distancing, but you have

to be able to pivot for changing network capacity and endpoint protection scenarios.

Can you support (or afford) the sudden burst of additional remote connections into your network ecosystem? Once a remote worker’s home computer is infected (and it may already be), your VPN may well provide the conduit for malware or ransomware to spread across your enterprise.

“Only 46% of companies reported confidence that their mobile employees were using the

VPN.” ¹ (An iPass survey –“2018 Mobile Security Report”)

46% confidence

With ransomware and other malware figuring in more than 90% of cyberattacks, one wrong click or download by the end-user and the infection can spread laterally (east-west) across the internal network.

90% CYBERATTACKS

Can you support and afford to trust the sudden burst of additional remote connections into your network ecosystem? Once the edge of your network is

infected, virtual viruses and malware like ransomware can spread.

5

4

3

Gartner