sb-as logo
Story image

Mobility workforce a security headache

Businesses need to rethink how they are protecting sensitive company information that is transmitted between remote employees in the wake of the mobile workforce.

According to Palo Alto Networks, organisations’ mobile workforces don’t have the same level of protection as most core business IT systems.

This has resulted in increased attention from hackers.

“When employees leave the building, the IT team loses visibility into the state of that employees’ online traffic,” the company says. “This makes it much harder to actively identify and prevent malicious exploits, malware, or malicious websites from compromising mobile devices and their remote network connection.”

If a portable device, such as a notebook computer, is compromised and infected with malware while an employee is out of the office, it can be potentially be controlled by an attacker when it is back in the office, Palo Alto Networks warns. “This effectively opens the door for the hacker to gain remote control of internal systems.”

Security teams have typically approached the issue of mobile security as a matter of remote access and secure connectivity, providing the mobile workforce with a virtual private network (VPN) client to connect to internal business systems with some level of protection.

While VPNs let remote workers access the corporate network relatively safely, not all of them provide the level of protection needed to guard against all of today’s latest threats, some of which can reach the end user whether or not a VPN connection is in place, the company says..

“The typical VPN appliance lacks the ability to inspect traffic or understand its content,” says

Sean Duca, CSO of Asia Pacific at Palo Alto Networks.

“This means it could potentially become a conduit for threats both to and from the corporate network.”

 Duca says connectivity without security is too dangerous in today’s threat landscape.

“As well as VPNs, companies should implement security solutions that give them visibility into the traffic going to and from remote devices,” he says.

“This way, threats can be spotted before they become a problem, no matter where they come from.

“Remote users are an extension to organisations’ internal systems, we need to protect them as much as we protect our internal systems because they are the last line of defence when they are remote,” Duca adds.

Story image
Attack from DOS: In Zero We Trust
In combination with malware, DDoS attacks on banks have been used to cause distraction so the transfer of stolen funds goes unnoticed. More
Story image
COVID-related email subjects biggest threat in phishing scams
Coronavirus-related email subjects remain the biggest threat in phishing scams, a new study has found.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
Why zero trust could fail due to lack of understanding​, not technology
Security architects are being forced to re-examine the concept of identity, with many turning to a zero trust security model to provide a better architecture for protecting their sensitive resources.More
Story image
BlackBerry partners with ServiceNow for incident response management
BlackBerry has announced it has entered into a partnership with ServiceNow to integrate the BlackBerry AtHoc service within the Now platform for rapid crisis communications and IT service management. More