Lack Of Segmentation For Remote Workers

The rapid shift to remote work at the onset of COVID-19 disrupted business’ network architecture by making things inside the network far more open than intended, which resulted in nonprivileged users having access to core databases, said Jonathan Couch, ThreatQuotient’s senior vice president of strategy and corporate development. The open architecture created more operational and financial risk for businesses, he said.

To save money, Couch said organizations introduced a single VPN access point into their network rather than grouping internal systems by function as they did prior to COVID-19. The lack of internal boundaries meant that all employees now had access to the company’s human resources and financial data rather than just employees working in those departments, according to Couch.

Organizations should closely examine their access and segmentation policies to keep remote employees confined to their particular area of work rather than giving them broad access across the company’s network, according to Couch. Implementing a zero trust architecture can dramatically improve the security of highly distributed workforces, Couch said.