Prior to March 2020, many companies operated entirely in person from one corporate office. That gave IT teams a certain level of control over employee workstations, making it easier to keep networks secure. But once the COVID-19 pandemic hit, many organizations made the shift to a remote or hybrid work environment—and with so many employees suddenly working from home, IT teams had to scramble to ensure their remote workstations were as secure as possible.
Fast forward 18+ months—and for many of those companies, the shift to remote or hybrid work has become permanent. So now, the question is, how can CIOs and their teams secure the employee workstation for the long haul—and ensure their employees’ devices and networks are safe, wherever they may be working?
We asked Charles Edge, CTO of start-up consultancy Bootstrappers.mn, for his insights. Edge has decades of experience in technology and is the author of several books on endpoint security. Here’s what he had to say:
Add multiple layers of security
When it comes to employee workstations, “the two main risks we see are the assets a given employee has and then the ability to move laterally in an organization if someone gets compromised—[or, in other words], the ability to attack other computers or systems within an organization once an attacker gains a footing [through an individual employee’s workstation],” says Charles Edge.
That could translate to “a phishing attack that results in an employee entering their credentials on a fake login page,” says Edge. “Or maybe that means, if a device is compromised, that an attacker can move to another device in the organization or a cloud service.”
That’s why, if CIOs want secure workstations for their teams—whether their employees are working at home, in the office, or a combination of both—adding multiple layers of protection is a must.
This can include things like “scanning data on a device, monitoring network connections, and replacing traditional VPNs with Zero Trust Network Access (ZTNA) options. The Zero Trust model assumes devices are not on a secured network and so, trusts nothing. Instead, it continuously validates that a device meets a given security posture and requires authentication and authorization to gain access to services,” says Edge. “This allows us to find persistent threats, see suspicious activity, and limit the capabilities for attackers to move laterally.”
The more layers of security you have on employee workstations, the higher the likelihood that you’ll catch potential security risks before they become a major problem—and the more secure your company will be as a result.
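The Zero Trust access decision Edge describes can be sketched as a per-request policy check. This is an added example, not code from the article or from any vendor's product; the policy thresholds, service names, roles and the `AccessRequest` fields are all hypothetical. Being on the corporate network is recorded but never used as a reason to trust the request.

```python
from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone

# Hypothetical policy values, chosen for illustration only.
MAX_POSTURE_AGE = timedelta(minutes=15)  # posture must be re-validated continuously
MAX_PATCH_AGE_DAYS = 30
SERVICE_ROLES = {"payroll": {"finance"}, "wiki": {"finance", "engineering"}}

@dataclass(frozen=True)
class AccessRequest:
    user: str
    roles: frozenset
    mfa_passed: bool
    service: str
    disk_encrypted: bool
    edr_running: bool
    patch_age_days: int
    posture_checked_at: datetime
    on_corporate_network: bool  # recorded, never consulted: location earns no trust

def decide(req, now):
    """Evaluate one request from scratch; return (allowed, denial reasons)."""
    reasons = []
    if not req.mfa_passed:
        reasons.append("authentication: MFA not satisfied")
    allowed_roles = SERVICE_ROLES.get(req.service)
    if allowed_roles is None:
        reasons.append("authorization: unknown service")
    elif not (req.roles & allowed_roles):
        reasons.append("authorization: role not permitted for " + req.service)
    if now - req.posture_checked_at > MAX_POSTURE_AGE:
        reasons.append("posture: last check is stale")
    if not req.disk_encrypted:
        reasons.append("posture: disk not encrypted")
    if not req.edr_running:
        reasons.append("posture: endpoint agent not running")
    if req.patch_age_days > MAX_PATCH_AGE_DAYS:
        reasons.append("posture: patches out of date")
    return (not reasons, reasons)

# Constructed sample requests.
NOW = datetime(2021, 10, 1, 9, 0, tzinfo=timezone.utc)
healthy = AccessRequest("alice", frozenset({"engineering"}), True, "wiki",
                        True, True, 5, NOW - timedelta(minutes=2), False)
lateral = replace(healthy, service="payroll")  # same user and device, other service
degraded = replace(healthy, edr_running=False, on_corporate_network=True)
stale = replace(healthy, posture_checked_at=NOW - timedelta(hours=3))

if __name__ == "__main__":
    for name in ("healthy", "lateral", "degraded", "stale"):
        print(name, decide(globals()[name], NOW))
```

The `lateral` request shows the containment property: valid access to one service grants nothing on another, so each service is authorized separately.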
Choose the best tools to secure your workstations
In a perfect world, you’d be able to leverage a single tool or piece of software to ensure secure workstations. But the truth is, we don’t live in a perfect world—and there is no one-size-fits-all solution to creating secure workstations. “Security has become a vendor-centric situation; no single vendor provides great tools for each category of software and for each platform,” says Edge. “So we want to find the best tools for each.”
The “best” tools, whether that’s anti-malware, access management, or web and email security tools, will depend on your company’s specific situation. For example, if your entire team is remote—and logging in from their own devices and networks—you’d probably want to invest more in device management tools than you would with a primarily in-office team or an environment where employees only work remotely on occasion. As CIO, it’s important to really look at how your company is structured and what kind of workstations your employees need—and then do your research to find the best tools to fit those needs.
Choosing the best tools to secure your workstations is one part of the equation. But if you want to keep your workstations secure over the long term, it’s important to ensure that you’re keeping all of those tools up to date.
“One of the most effective ways we can increase our security footprint is to make sure our tools are checking in and updating routinely,” says Edge. “That’s different for each vendor, but making sure we can use webhooks or a REST API [a programming interface for web services] for each is important, as is integrating them with our SIEM (Security Information and Event Management) package.”
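A check-in and update audit of the kind described above might look like the following. This is an added example, not code from the article or from any vendor; the record layout, thresholds, host names and event fields are assumptions, and the inventory is constructed sample data standing in for what a vendor REST API or webhook would deliver.

```python
import json
from datetime import datetime, timedelta, timezone

MAX_SILENCE = timedelta(hours=24)  # assumed: agents should check in at least daily
MIN_VERSION = (4, 2, 0)            # assumed minimum acceptable agent version

# Constructed sample inventory (hypothetical hosts and fields).
INVENTORY = [
    {"host": "lt-001", "tool": "edr", "last_checkin": "2021-10-01T08:30:00+00:00", "version": "4.2.1"},
    {"host": "lt-002", "tool": "edr", "last_checkin": "2021-09-27T11:00:00+00:00", "version": "4.2.1"},
    {"host": "lt-003", "tool": "edr", "last_checkin": "2021-10-01T07:45:00+00:00", "version": "4.1.9"},
    {"host": "lt-004", "tool": "edr", "last_checkin": None, "version": "4.2.0"},
    {"host": "lt-005", "tool": "edr", "last_checkin": "2021-10-01T08:55:00+00:00", "version": "4.10.0"},
]

def parse_version(text):
    # Compare numerically: as strings, "4.10.0" would sort below "4.2.0".
    return tuple(int(part) for part in text.split("."))

def findings(records, now):
    """Return one event per endpoint whose tool is silent or out of date."""
    events = []
    for rec in records:
        issues = []
        if rec["last_checkin"] is None:
            issues.append("never_checked_in")
        elif now - datetime.fromisoformat(rec["last_checkin"]) > MAX_SILENCE:
            issues.append("stale_checkin")
        if parse_version(rec["version"]) < MIN_VERSION:
            issues.append("outdated_version")
        if issues:
            events.append({"timestamp": now.isoformat(),
                           "event_type": "endpoint_tool_health",
                           "host": rec["host"], "tool": rec["tool"],
                           "issues": issues})
    return events

def to_siem_lines(events):
    """Serialize events as one JSON object per line for SIEM ingestion."""
    return [json.dumps(event, sort_keys=True) for event in events]

if __name__ == "__main__":
    now = datetime(2021, 10, 1, 9, 0, tzinfo=timezone.utc)
    print("\n".join(to_siem_lines(findings(INVENTORY, now))))
```

An agent that has never checked in is reported separately from one that has gone quiet, since the first usually points to a failed install and the second to a disabled or removed tool.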
Train your team on how to stay safe
As CIO, you can take every step in the world to secure the workstation—but if your employees don’t understand how to safely navigate their workstation, your company is going to be at risk.
For example, “we can secure devices all day long—but the biggest risk is the humans that use [those devices],” says Edge. “They might use a weak password, provide a password in a fake page based on an email from a phishing attack, or on the supply chain side, even use insecure code in their code.”
That’s why, if secure workstations are a priority, training your team on how to keep their workstation secure is an absolute must. “Good training goes a long way to mitigate…risk,” says Edge.
Train your employees on cybersecurity risks—and how to keep their workstations, devices, and sensitive company data and information safe, whether they’re working from home, from the office, or navigating work from a mobile device.
If you’re introducing new security software, make sure your employees go through any relevant training the software company offers so they know how the tool works—and how they need to work with it. If you think your employees need additional support, consider hiring a consultant or third-party security training company to help get them up to speed. However, keep in mind that not all training is created equal. “Most of the training we see out there is pretty generic and really only used to check a box on a security compliance form,” says Edge.
Training your employees on security will ensure that all the work you put into securing their workstations isn’t in vain—and that they utilize their workstations in the most secure way possible.
As CIO, it’s your job to ensure your employees’ workstations are secure. And with these tips, you have a great jumping-off point for securing your team’s workstations—and keeping your company safe in the process.
Author: Deanna deBara