Page 62 - Cyber Defense Magazine for August 2020
Connectivity Hurdles
Now that agencies have established basic connectivity, the focus has shifted to optimizing connections
and improving security. There are a variety of approaches – some agencies have deemed split tunnel
virtual private networks (VPNs) too risky, opting for full tunnel VPNs where both user and management
traffic flow through the same channel. While this approach can achieve the short-term goal of
establishing and maintaining secure connectivity, it also has unintended consequences.
Using full tunnel VPNs can lead to slow response times, causing employees to disconnect from the VPN
altogether. When this happens, IT teams are blind to those devices, and the devices don’t get routine
patches, making them increasingly vulnerable to cyberattacks. These endpoints used to sit behind the
protective boundary of the enterprise network perimeter; they are now isolated in an uncontrolled
environment with only their point tools protecting them, and active management and visibility are
available only while they are connected to the VPN.
BYOD has added another layer of risk and complexity, with many employees turning to personal devices
to continue working. However, a personal device often differs from a work computer not just in its
out-of-the-box tools, but also in the security tools loaded and managed on it. And when these BYOD
devices have only periodic connectivity to the agency network, cyber criminals no longer have to
penetrate a multi-layered protected perimeter to get into the main server. They can use the
unprotected device as an entry point into the network.
A holistic approach helps enable improved visibility and control over the network, regardless of where an
asset is located. The challenge is that decisions about connectivity, endpoint security, and perimeter
security are often made in a vacuum by the independent teams responsible for each, rather than as a
combined solution. With a holistic approach in mind, teams can understand what is impacting the agency’s
risk, mitigate each risk for the time being, and remediate it for the long term.
The Next Phase
As agencies look to the future, operations will not resume as in times past and budgets will be
impacted. Agencies must consider the long-term sustainability of solutions, specifically in terms of
mitigating the inherent risk a distributed workforce carries. They should be pragmatic in their future
plans, having ideological discussions around assessing and measuring risk, dealing with steps to mitigate
risks, and finding cost-effective ways to address risk and secure the network. IT teams need to be
data-driven and look at the validity of the data agencies are working with.
Agencies must build a foundation for assessing and addressing risk based on real-time data to maintain
business and mission continuity amid a risk landscape that’s changed dramatically and irrevocably.
It may seem impossible to get hold of the amount of data needed quickly enough to make good risk
decisions. But it’s not impossible – it’s being done today. With the new levels and types of risk that arise
from this remote environment, it is critical to set aside traditional risk assessments and protections and
start looking at risk pragmatically. Agencies must take a hard look at existing tools and how they are
hamstrung when dealing with remote endpoints, and consider replacing those legacy tools and platforms
that fall short.
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.