Ongoing Remote Work Due to COVID-19 Propels Need for MSSP Action

The COVID-19 pandemic continues to prove that remote work is turning into a permanent option, not just a temporary solution. As such, research firm Gartner has laid out 10 security projects, eight of which are new, that address risk management in the new era of work.

Gartner’s Jonathan Care

“Before the pandemic, most enterprises designed their risk appetites around the assumption that remote working was the exception, rather than the norm,” said Jonathan Care, senior research director at Gartner. “When that scenario was flipped, risks such as always-on VPNs and bring-your-own-device, which were previously a lower priority for security leaders, suddenly became top of mind. This forced security teams to rapidly reassess their enterprise’s risk landscape and deploy new solutions and policies accordingly.”

To be sure, a recent ConnectWise survey shows that COVID-19 has amped up SMBs’ security concerns, in particular.

With all that in mind, managed security service providers may want to doublecheck that they have acted on, or soon will, the following recommendations for clients. The projects do not require completion in the order in which they are listed. Rather, they can be conducted independently of one another.

Gartner’s 10 Security-Project Recommendations

1. Secure the remote workforce. Focus on business requirements. Understand how users and groups access data and applications. Now that a few months have passed since COVID-19 sent employees to work from home, the time has come for a needs assessment and review of what has changed. This will determine whether access levels are correct and whether any security measures are impeding work.

2. Evaluate risk-based vulnerability management. Don’t try to patch everything, Gartner says; instead, focus on exploitable vulnerabilities. Go beyond a bulk assessment of threats and use threat intelligence, attacker activity and internal asset criticality to provide a better view of real organizational risk.

3. Use extended detection and response (XDR). XDR serves as a unified security and incident response platform that collects and correlates data from multiple proprietary components. This platform-level integration occurs at deployment. XDR consolidates multiple security products into one. It could provide better overall security outcomes, according to Gartner.

4. Implement cloud security posture management. Organizations need common controls across IaaS and PaaS. They also need automated assessment and remediation. Because cloud applications are so dynamic, they require an automated DevSecOps style of security, as Gartner noted. Ensure policy uniformity across the organization’s public clouds.

5. Simplify cloud access controls. Make sure the organization has cloud access security brokers in place for cloud access controls. This will offer real-time policy enforcement and active blocking.

6. Put DMARC in place. Domain-based message authentication, reporting and conformance, or DMARC, provides email authentication policy. Phishing emails have grown more sophisticated, making it harder for end users to determine what’s real and what’s not. DMARC does not assure total email security, but it does deliver another layer of trust and verification, such as with domain spoofing, Gartner says.

7. Deploy password-less authentication. Employees often use the same password for their work computer as for their personal email. This can cause major security headaches. Password-less authentication represents a better approach, Gartner says.

8. Classify and protect data. Because data varies, a one-size-fits-all security ethos will increase risk. Some data will have too much protection; others will have too little. Gartner supports starting with policies and definitions for each data set, then adding in the requisite security.

9. Assess workforce competencies. Put the right people with the right skills in the right roles, Gartner says. While no perfect candidate exists, one person can hold five or six must-have attributes for each project.

10. Automate security risk assessments. This will help security teams to understand risks related to security operations, new projects or programs.

MSSPs Are Crucial, Especially for Remote Work Safeguards

Overall, the breadth and depth of these recommendations underscore that organizations may well want to increase their reliance on MSSPs in the coming years.

This applies not just because of MSSPs’ expertise, but because enterprises must think about mitigating potential legal problems. That observation comes after two new findings on Gartner’s part. The first is that only 12% of chief information security officers excel in all four areas considered vital to effectiveness. The second is that, by 2024, three in four (75%) CEOs will be held personally liable for cyber-physical security incidents, Gartner predicts. Aligning with a solid MSSP that stays ahead of bad actors could stand out as the key.

For now, though, MSSPs must stay focused on enabling customers’ businesses while reducing their exposure.

“Bad actors are always looking to take advantage of worldwide events, such as the pandemic, to exploit new vulnerabilities and circumvent even the most advanced security controls,” Care said.