
Security and visibility when users are not in the office

Menlo Security | July 12, 2020

Secure remote worker use case 2: Security and visibility of data and traffic

As we now accept the new norm, combating malicious cyberthreats comes down to two things: visibility and control. If you can monitor traffic flowing to and from users’ devices and control how that traffic behaves and is secured, a malicious actor would be hard pressed to infiltrate your network and do harm.

But therein lies the rub. Gaining visibility into Internet traffic is extremely difficult for corporate IT teams as users increasingly access data center and SaaS apps from outside the corporate firewall. This prevents security teams from seeing what users are downloading to their devices—effectively leaving remote devices vulnerable to phishing attacks that attempt to trick users into clicking on a malicious link or downloading a malware-infected attachment or file. Any attempt to gain visibility and control over that traffic through a VPN tends to slow the browsing experience, hamper productivity, and get pushback from users.

Many organizations try to get past this vulnerability by using split tunneling, a technique that continues to secure traffic to data center apps via a VPN while letting users connect directly to the Internet with few or no controls. But this strategy is extremely risky. Malicious actors know that users are unprotected and are increasingly using spearphishing to trick them into downloading malware or entering their SaaS credentials into a fake web form.

Making things worse is the fact that 90 percent of websites today use the HTTPS protocol to improve security between the user and the website through encryption. On the surface, this seems like a good thing. A user logging in to a SaaS platform or webmail should have their credentials encrypted. The problem is that traditional security infrastructure is not able to monitor SSL transmissions—making them an ideal vehicle for malicious activity. With no visibility into or control over communications between remote workers and the web-based tools they need to access, corporate security teams are in the dark about whether users’ devices have been compromised.

Here at Menlo Security, we’ve come to the conclusion that cloud-delivered security is the only way to protect today’s users. This strategy ensures that policies follow remote users wherever business takes them—whether it’s a branch office, a customer site, a home office, or any public Wi-Fi. A cloud-based secure web gateway (SWG) acts as the central security control point for all traffic, providing a separate security layer in the cloud through which all web traffic flows. It’s here where security policies can be applied, ensuring policy enforcement regardless of whether the user is behind a firewall or logging in from public Wi-Fi.

The ability to deliver consistent security policies through the cloud to remote users wherever they log in enables a more robust security posture while giving security teams visibility into cyberthreats. An isolate-or-block approach for all web traffic, email links, attachments, and file downloads ensures 100 percent malware-free email and web browsing—allowing users to browse the web and click with impunity without posing a risk to the organization.

The visibility and control provided by our cloud-delivered SWG allow security teams to monitor data and apply security controls such as URL filtering, SaaS access control, and data loss protection (DLP) services. Essentially, security teams are able to secure users and monitor traffic just as if they were in the data center behind the corporate firewall. Only now security controls are applied via software—a more cost-efficient and scalable way to ensure that all users are protected at all times.

With Menlo’s cloud-delivered security, it doesn’t matter if users click on a malicious link or attempt to download a compromised document. It doesn’t matter if a whitelisted website is suddenly compromised. It doesn’t matter if the browser being used hasn’t been patched. Whatever malware users encounter is executed in the cloud—cutting off any access to users’ devices, the corporate network, or business solutions. Read our new ebook, Securing the Future of Work, to learn how you and your organization can intelligently transition to this new normal.

Please do not hesitate to contact us with any questions.