Securing Remote Work: Questions You Should Ask

No one could have anticipated the overnight need to rapidly pivot from working in an office to working remotely. Today, 76% of employees are working from home, needing remote access to corporate systems from all sorts of devices from unknown, potentially unsecure home networks. But with 68% of breaches originating on endpoints and bad actors intensifying pandemic-themed malware and phishing campaigns, IT and security teams are strained even more to keep remote workers productive and secure.

The expanding attack surface and the need for unified user and endpoint protection

As employees continue to work from home, organizations are looking to bolster their existing security measures by facilitating secure user access and protecting the devices workers use to access corporate resources. This trend intensifies the need for unified user and endpoint protection that integrates identity and access controls to their endpoint security strategy.

Cisco’s approach for securing remote work involves all this. We’re laser-focused on addressing these questions our customers ask.  How do we know that the person trying to connect to our network is really who they say they are? How do we know that their device isn’t infected with malware? And what about when users aren’t on the network? How do we prevent them from visiting malicious sites that may infect their devices, and in turn, the rest of our environment?

Cisco Secure Remote Worker protects users working from anywhere, at any time, on any device. Unlike other options that employ a multi-vendor approach to remote work protection, we make it simple, quick, and cost-effective for you to scale security controls for your remote work environment by providing comprehensive security from ONE source, one vendor – not many.

Evaluating alternative multi-vendor approaches: Questions you should ask

Recently, Crowdstrike announced its alliance with Okta, Netskope and Proofpoint to deliver an identity-centric solution to remote work security. With this move, Crowdstrike appears to be heading in the direction we had taken even before the pandemic when we announced our unified user and endpoint protection capabilities at the beginning of the year. What’s different? By not having all critical security controls in-house for remote work beyond just the endpoint piece, Crowdstrike needed to look outside their organization for a multi-vendor alliance.

When you’re looking at options for securing your remote work environment, consider asking the following questions as part of your evaluation process.

Are all solution components delivered by ONE vendor only or by multiple providers?

According to the Cisco 2020 CISO Benchmark Report, 81% of organizations find managing a multi-vendor environment to be challenging. Could a multi-vendor approach to securing remote work become a red flag for organizations that are looking to simplify their operations? Why deal with the extra cost, time and effort associated with having two, three or four separate deployments, configuration, management, support and services – when you can simplify all this with ONE security provider like Cisco?

Securing users wherever they work, on any device

Are the various tools integrated out of the box or do I have to do the integration work?

93% of organizations that are suffering from cyber fatigue indicate complexity as a top cause of security burnout, according to the same CISO Benchmark Report. Organizations are tired of getting stuck in the vortex of stitching up multiple products that don’t easily fit together. What you need is a turnkey integration that offers quicker time to protection.

Cisco has been on this cloud journey with our customers, constantly integrating our products so that they don’t have to waste resources by doing it themselves. And of course, the value of these back-end integrations is amplified by Cisco SecureX, delivering the front-end integration that generates remarkable time-to-value. So, when the pandemic happened, we were able to launch an integrated Secure Remote Worker solution in a matter of days, not months after the fact as the timing of this announcement from Crowdstrike suggests.

Is there a built-in platform included or do I have to bolt it on?

A February 2020 ESG Report states that 64% of organizations find it critical for security products to integrate with other security technologies. We take integration to another level with a security platform that’s built-in, not bolted on.  SecureX delivers coordinated defense across the entire Cisco and third-party security environment. This allows us to protect remote work with a cloud-native platform that delivers simplicity, unified visibility, and operational efficiency. And the outcomes with SecureX are staggering. 72% of customers state they eliminated investigation (detection and analysis) tasks, were able to visualize threats within an environment in half the time, and reduce time to respond and remediate an attack by as much as 85%. This reduction of complexity will also help to reduce the feelings of angst around securing a distributed workforce.

Our approach: Simple and integrated remote work security from ONE source

Unlike Crowdstrike’s multi-vendor approach, we offer a complete yet simple and integrated Secure Remote Worker solution: verifying identity; securing user access; protecting the cloud, email and endpoint; and delivering coordinated defense with our built-in SecureX platform against any threat to remote work. All from ONE vendor, not four.

 Verify users

Ensure that the users who are logging onto your network are actually who they say they are by using multi-factor authentication. MFA verifies the identity of all users with a second factor before granting access to corporate applications. With Cisco’s Duo Security, you can verify the identity of all users, and also inspect the devices requesting access your network to determine their security posture and trustworthiness. This prevents someone who has stolen legitimate credentials from gaining access to your network or sensitive systems.

 Enable secure access

Use a virtual private network (VPN) to securely connect to a corporate network from outside. With the Cisco AnyConnect Secure Mobility Client, you can safely allow employees to work from anywhere. It ensures that remote systems comply with a policy as part of the connection process. Non-compliant systems are prevented from accessing the network until they meet your policy requirements. Also, Cisco AnyConnect integrates with Cisco Duo, Cisco Umbrella, and Cisco AMP for Endpoints to provide more than just basic VPN functionality.

 Provide coordinated defense against any threat

Employ a built-in security platform approach to remote work protection across your entire security environment from the cloud, email and onto the endpoint. With Cisco Secure X, you can secure remote work with a cloud-native platform that delivers simplicity, unified visibility, and operational efficiency. Delivering a coordinated defense, Cisco SecureX works tighly with:

  • Cisco Umbrella to provide the first line of defense, blocking malicious domains, IP addresses, and cloud applications before a connection is ever established
  • Cisco Email Security to automate phishing investigations and drive quicker response actions, while providing visibility into key operational measures of your security portfolio
  • Cisco AMP for Endpoints to provide the last line of defense, protecting, detecting and responding to threats on a wide variety of devices across your environment

 Start securing your remote workforce. Sign up for our free trial today.