One security policy to rule them all: securing the remote workforce

February 2008 Information Security

Lifestyles and values have changed – and so has the workplace. A remote workforce has become a vital part of most organisations' operations.

The benefits? Workers are more productive, the company does not have to maintain as much real estate and even the environment benefits with less congestion and pollution. However, remote workers introduce new security vulnerabilities to the company's network and data. Minimising and controlling this risk calls for a security policy for remote workers, including both technical and behavioural elements.

Since remote workers function in an uncontrolled and often unprotected environment, the primary danger is that they may introduce threats such as malware to the company's network, or unknowingly enable hackers or intruders with malicious intent to gain unauthorised access to sensitive company information. Regardless of whether employees use their own or company laptops and PCs, the organisation remains responsible for protecting its information assets and operations. Security procedures, policies and technologies thus need to be extended beyond the boundaries of the organisation to include remote workers.

Mobile workers need to be aware of the risk they pose to the organisation and of their own vulnerabilities. A security policy for mobile workers should thus comprise guidelines for not only the configuration, use and care of the physical client device (eg, laptop, PC, PDA); but the management of applications and software on the device, including version updates and security patches; the securitisation and backup of data or information stored on the device; and securing the remote office.

While technology can be of significant assistance in automating some of these management and housekeeping tasks, it is critical to communicate policy to remote workers clearly, provide regular updates, and constantly monitor and enforce the policy.

Security technologies

IT departments' key concerns with regard to mobile workers include:

* Securing the connection between the mobile user and the corporate network.

* Putting in place a firewall, intrusion detection and prevention solutions.

* Implementing access control and authorisation.

* Automating management of patches and updates.

* Designing an enforceable strategy for data backup and recovery.

A virtual private network (VPN) will provide a safe connection between the user and the corporate network. There are two popular options, an IPSec VPN or an SSL VPN. An IPSec VPN routes traffic through the company firewall and is typically ideal for site-to-site connectivity. Since it requires that VPN client software be loaded on all remote users' laptops or PCs it can, however, become complex and unwieldy to manage. An SSL-VPN appliance provides greater simplicity. There is no need to install client software - all the remote user needs is a standard Web browser.

However, there is no point in having a secure communication 'tunnel' if the data being transferred is corrupt or contains malware. To minimise this risk a unified threat management (UTM) firewall can be implemented. It will scan all network traffic for threats, automatically update signatures against network threats on a continual basis and maintain comprehensive protection against worms, viruses, Trojans, spyware and other malware. A global management tool can also be used to ensure Web browsers and operating systems on remote devices are appropriately configured and maintained.

Together, a VPN and firewall take care of perimeter protection and secure remote access. Internal protection may also be necessary, however, as remote workers often access the corporate network directly from the company's premises, plugging storage devices or laptops into the network. Enforced desktop threat prevention will prevent users from logging onto the network if their computer is infected, while firewalls with LAN switching capabilities can secure particular 'zones', such as networks, servers or internal workgroups.

The next challenge is to ensure the right people have access to the right data. SSL VPN technologies make this a breeze, allowing the administrator to authorise access to defined resources for individuals and groups.

The final hurdle is backup and recovery. Mobile storage media and appliances can be lost or accidentally damaged so ensuring availability of important data is critical to business continuity. Backup thus needs to be done regularly and, where possible, automated. Offsite backup is particularly important in the case of loss or damage to the device on which the data was created, while continuous data protection (CDP) technologies will automatically replicate any new or changed data in realtime.

To leverage the tremendous benefits and opportunities this new mobile segment of the workforce offers, security is essential. It need not be difficult, however. Security technologies are continually evolving to counter new threats. They are also becoming easier to implement and manage, and more affordable. In fact, many solutions that were previously only available to the enterprise are now within reach of small and medium enterprises.

Martin Tassev is the MD at Loophold Security Distribution.

For details contact Loophold Security Distribution, +27 (0)11 575 0004, [email protected], www.loophold.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
DeepSneak deception
Information Security News & Events
Kaspersky Global Research & Analysis researchers have discovered a new malicious campaign which is distributing a Trojan through a fake DeepSeek-R1 Large Language Model (LLM) app for PCs.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Survey highlights cost of cyberdamage to industrial companies
Kaspersky Information Security News & Events
The majority of industrial organisations estimate their financial losses caused by cyberattacks to be over $1 million, while almost one in four report losses exceeding $5 million, and for some, it surpasses $10 million.

Read more...
Digital economy needs an agile approach to cybersecurity
Information Security News & Events
South Africa is the most targeted country in Africa when it comes to infostealer and ransomware attacks. Being at the forefront of the continent’s digital transformation puts South Africa in the crosshairs for sophisticated cyberattacks

Read more...
SIEM rule threat coverage validation
Information Security News & Events
New AI-detection engineering assistant from Cymulate automates SIEM rule validation for SecOps and blue teams by streamlining threat detection engineering with automated testing, control integrations and enhanced detections.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.