nCipher Security Blog

How to secure your organization and its rapidly expanding remote workforce

Cindy Provin | SVP Entrust Datacard and General Manager, nCipher Security More About This Author >

Telecommuting has been on the rise for years. The number of remote workers in the U.S. increased 159% between 2005 and 2017. Earlier this year, seven million people in the U.S. – or 3.4% of the population – worked remotely. And 43% of Americans did remote work occasionally.

Then the world changed. With the COVID 19 pandemic, politicians and public health officials called for physical distancing. Businesses created new policies to enable more employees to work from home to keep them safe. And the digital transformation many of us talked about for years suddenly became reality.

The work-from-home movement has exploded

By March 2020, 31% of Americans said their employers offered them the ability to work remotely. By early April, that share of U.S. workers had shot up to 62%, according to Gallup.

As one reporter observed the “outbreak has triggered an anxious trial run for remote work at a grand scale. What we learn in the next few months could help shape a future of work that might have been inevitable” with or without this crisis.

Security has always been important for connected businesses – which is to say all businesses. But, amid this remote work expansion, security and identity are now more important than ever.

VPNs are vulnerable and cybersecurity attacks are on the rise

The challenge is that telecommuters don’t have the protections of their corporate network.

Many organizations try to address that by asking remote workers to log in via a VPN. However, organizations don’t always have enough VPNs to go around amid the sudden work-from-home movement. And VPNs alone aren’t a foolproof method of cybersecurity.

The Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security recently issued an alert noting the vulnerabilities created by working from home. It said that VPNs are not always updated and are increasingly being targeted by cyber attackers.

Malicious parties may increase phishing emails targeting teleworkers, CISA added. Indeed, reports suggest phishing increased 667% between the end of February and late March. CISA said that organizations that do not use multi-factor authentication (MFA) for remote access are particularly susceptible to phishing, in which scammers use email or text to get personal data.

CISOs need to take quick action – and be ready to scale as needed

That means chief information security officers (CISOs) must act now to safeguard their businesses. That action should enable all knowledge-based employees to work from home on a permanent basis.

This makes sense given the recent guidance by public health officials. Leading health officials are now saying that “distancing will be with us through the summer.” And they indicate that there could be a second wave of the outbreak in the fall.

CISOs can work to address the ongoing work-from-home movement with security-as-a-service (SECaaS) offerings. Employing cybersecurity on a SaaS basis is a growing trend. Recent reports suggest SECaaS is poised for a 16.11% compound annual growth rate between 2019 and 2025. By 2025, ResearchAndMarkets.com says, the market is forecast to be worth nearly $19.4 billion.

The as-a-service model enables users to benefit from security immediately and without a major upfront expense. Such cloud-based models also can scale easily as demand requires.

Today’s environment calls for encryption, key management and multi-factor authentication

With near daily stories about security breaches and identity, it can be difficult to know who to trust. nCipher Security and our parent company, Entrust Datacard, are unrivalled in their ability to enable organizations to secure their enterprises – wherever their workers may be.

Entrust IdentityGuard is a high assurance identity management solution that meets the most complex authentication needs of banks, governments and Fortune 500 enterprises. It encrypts every piece of sensitive data before storing it in the database, and decrypts it every time it reads it back. IdentityGuard offers passwordless workstation login, along with digital signing and encryption. And it does not require hardware or operating system upgrades.

Businesses that pair IdentityGuard with nShield HSMs gain great value. Our HSMs provide dedicated cryptographic capabilities, protecting underpinning signing and encryption keys within a FIPS 140-2 Level 3 and Common Criteria EAL4+ certified root of trust. And this solution for generating, accessing and protecting key material – keeping it separate from sensitive data – is now available on a subscription basis.

And our cloud-based Multi-Factor Authentication solution enables secure access to applications and VPNs, ease of device provisioning and self-service password resets. It strikes the right balance between security and usability – delivering a consistent and trusted identity and adaptive authentication across all devices. It’s also available on an as-a-service basis, making it easy on CISOs.

Businesses are facing many challenges right now. We’re here to make life easier – and more secure – for these organizations and their newly remote workforces. This crisis has accelerated the move to the cloud and digital transformation that we’ve all been working toward for so long. It’s a call to action. Organizations now need to take the extra steps to ensure their organizations and employees are secure in this new and more distributed work environment.

Right now companies need a work-from-home solution that is both secure and productive. Remote workers connecting to corporate networks can introduce security risks, as can the use of bring your own devices (BYOD). The ability to authenticate the identities of your remote workforce is therefore paramount to ensure only authorized users have access to your business critical information, applications and systems.

To support working from home requirements Entrust Datacard is offering an unlimited number of free 30-day user licenses for its cloud-based multi-factor authentication solution – IntelliTrust. To take advantage of this offer sign up at https://entrust.us.trustedauth.com/#/signup to activate your license.