These are unprecedented times. As countries around the world struggle to contain and respond to the COVID-19 pandemic, businesses of all sizes and across all industries find themselves suddenly trying to maintain business continuity with an entirely remote, work-from-home workforce. As a result of the dramatic spike in remote endpoints—many of which are personal computers and mobile devices that have not been vetted or protected by IT—organizations are also exposed to significant risk and they’re scrambling to implement appropriate security measures. Many security vendors are stepping up to help—including Qualys, which recently announced that it is making Qualys Remote Endpoint Protection available free for 60 days.
Completely Remote Workforce
It’s fortunate that this pandemic is happening now. It’s never good to have a pandemic, or a forced quarantine that shuts down much of the economy, but if it is going to happen at all, it’s good that it is happening now. At least we have laptops and smartphones, and high-speed broadband, and videoconferencing platforms that perform reasonably well, allowing many workers to simply continue doing their jobs from wherever they are and providing a means for teams to actively collaborate and work together.
There are a number of related security concerns as well, though. Cybercriminals have rushed to take advantage of the chaos—targeting healthcare facilities with ransomware attacks and escalating phishing and related attacks against remote workers. Social distancing and shelter-in-place orders have also resulted in exponential growth for collaboration platforms—and uncovered vulnerabilities and security issues.
Zooming to Leaks and Vulnerabilities
There are a variety of collaboration and videoconferencing platforms out there but Zoom quickly emerged as the de facto choice for meetings during Coronavirus quarantine. Whether it’s for virtual classrooms for kids who now find themselves homeschooling, work meetings with remote coworkers, or impromptu gatherings with friends and family, millions of people have turned to Zoom.
Being in the spotlight has consequences as well, though. Stories emerged of Zoom sharing private information with Facebook, and that the end-to-end encryption was not providing the security users were promised. A number of vulnerabilities in the Zoom software itself were also revealed. To their credit, Zoom has been very responsive in stepping up to address and resolve these issues, but it also highlights the need for organizations to have security in place to protect these remote endpoints.
Qualys Remote Endpoint Protection
From a business and infrastructure perspective, it also helps that many organizations have already moved to the cloud and leverage cloud-based SaaS (Software-as-a-Service) tools. Existing Qualys Cloud Platform customers can quickly and easily take advantage of the new Remote Endpoint Protection capabilities to provide complete visibility of these disparate remote devices, as well as the ability to remotely patch vulnerabilities on those endpoints.
The Qualys Remote Endpoint Protection offering delivers:
- Tracking up-to-date inventory of all remote endpoints and the applications running on them
- Real-time view of critical remote endpoint vulnerabilities impacting the OS and applications
- Remote patching of remote endpoint systems – even over VPN connections with limited bandwidth available
- Ability to track common misconfigurations that leave endpoints exposed to exploits
- Single pane of glass for security and executive management
A blog post about the Qualys Remote Endpoint Protection announcement sums up, “Effective immediately, Qualys, Inc. will provide its new cloud-based Remote Endpoint Protection solution at no cost for organizations to allow security teams to gain instant and continuous visibility of remote computers. Security teams will be able to identify missing patches for critical vulnerabilities and deploy them from the cloud. The patches are delivered securely and directly from vendors’ websites and content delivery networks to ensure there is little to no impact on internet connectivity and bandwidth of the organization.”
As you navigate the COVID-19 pandemic and quarantine, you need to expand the scope of your security infrastructure to encompass these remote endpoints. Qualys is offering Qualys Remote Endpoint Protection free for 60 days, so you have nothing to lose in taking a look at it.
*** This is a Security Bloggers Network syndicated blog from Security – TechSpective authored by Tony Bradley. Read the original post at: https://techspective.net/2020/04/10/remote-workers-dont-have-to-be-insecure-workers/?utm_source=rss&utm_medium=rss&utm_campaign=remote-workers-dont-have-to-be-insecure-workers