For millions of Americans, the Fourth of July means fireworks, picnics and barbecues, and the chance to take a much-needed vacation. According to AAA, 2019 is going to be one for the record books. Nearly 49 million Americans are planning a getaway over the holiday weekend this year, the most since record keeping began in 2000.
What does all this fun in the sun, relaxation, and record-breaking travel mean for the security of your organization’s technology environment? The answer’s not that simple.
Though some risks do increase when employees (and IT security staff) vacation, others remain flat, or actually decrease. With fewer workers in the office, the chances of someone clicking on a malicious link from an enterprise-owned device may be smaller, but if less monitoring is in place, sophisticated and advanced persistent threat operatives may take advantage of the opportunity to make a lateral move across the network.
Employees are less likely to click on work-related phishing emails, but they may be more vulnerable to targeted attacks on personal devices connecting to insecure wireless networks. It’s wise for information security professionals to think carefully about the specific threats their individual organizations and environments are most likely to encounter during vacation season. Here are three essentials your team should consider before hitting the road or beach this summer.
1. Ensure you have a remote access or monitoring solution in place for securing endpoints.
When today’s employees travel, they’re likely to take their laptops along. To ensure they’re not taking unnecessary security risks during their time off—or exposing your network to malware as soon as they reconnect—you can implement a Remote Monitoring and Management (RMM) solution. When RMM is in place, a lightweight client is installed on all devices, whether employee-owned or enterprise-owned, that is granted access to corporate IT resources. This makes it possible for your security team to monitor and manage devices remotely. You can troubleshoot issues, view performance data, and create reports.
It’s also easy to install patches and updates—even automatically. Some RMM solutions can be integrated with Advanced Endpoint Protection Platforms to provide comprehensive, location-independent protection for employee devices.
2. Protect against web-based threats targeting employees who travel.
Some of the cheap hotel room deals or bargain airfares advertised online may in fact be too good to be true. But distracted or over-eager employees may click on them anyway, even if they’re generally aware of the risks of clicking on unknown links. With a Secure DNS Filtering solution, your security team can easily monitor, control, and protect user web traffic at any time of day or night, regardless of whether employees are at home or away. You can restrict access to known malicious, inappropriate or unproductive websites, monitor user behavior, and set browsing rules that enhance security and productivity.
3. Always have a plan for monitoring endpoint activity, and get help if you want to take time off during the summer.
Today’s most sophisticated attackers never sleep. Some will try to take advantage of IT security staff shift changes, overnights, or likely vacation periods to conceal their attempts to explore your environment, install backdoors, or exfiltrate data. To ensure your network will continue to be monitored closely — even while members of your in-house security staff take much-needed time for R&R — you can call in an experienced Managed Detection and Response (MDR) provider for reinforcements. An MDR provider can supplement your staff with highly experienced security analysts who monitor all network, Active Directory, and firewall log data—at all times of day and night—for near-instant detection of malicious activities or policy violations. Your MDR partner can also help out by taking responsibility for advanced, proactive activities like vulnerability detection or threat hunting, or can take charge of threat containment and incident response. To keep you well-informed about the status of your environment even while you’re away, you can ask to receive regular, in-depth reports.
Before you head out the door to enjoy your fun in the sun (don’t forget the sunscreen), check out our free instant threat analysis to find out how well prepared your organization is to confront this summer’s most prevalent cybersecurity threats.
TEST YOUR EMAIL SECURITY