REMOTE WORKFORCE SECURITY - THE TRACE3 BLOG

Page created by Casey Stephens
 
Remote Workforce Security

What is it?
Remote workforce security refers to the ability to secure geographically distributed
teams which no longer work out of a traditional office. Remote working poses unique
cybersecurity challenges for organizations because their workforce is no longer physically
on-site to use corporate networks and devices within their security perimeter.

Why is it important?
The remote workforce continues to grow as businesses implement work-from-home
policies and as they look to recruit more talent. This presents a whole set of challenges for
security teams as workers move outside of a secure perimeter, especially during the
current situation where the remote workforce has drastically grown overnight. One of the
most prominent risks comes from users connecting to unknown networks, which creates a
much larger attack surface for organizations. A typical solution would be to require
workers to use a VPN, but setting up a VPN can be very time consuming and very costly.
Beyond that challenge, security teams now face increased
adoption of cloud applications and use of unmanaged devices. Securing the remote
workforce is a critical part of modern business.

Approaches
While securing a remote workforce presents new challenges, there are several approaches
to help secure it. Identity and access management solutions secure users by
validating them through technologies like single sign-on and multifactor authentication to grant
access to corporate resources. Endpoint security and mobile security protect users’
devices by preventing malware, blocking exploits and enabling detection and
response. Secure remote access and connected home security protect users at the
network level, ensuring safe communications. Cloud Access Security Brokers secure cloud
applications by providing data protection, visibility and threat protection.

Access Management: Access Management refers to technology and processes for
managing identities and access permissions for users, computing devices, and
applications. Access management provides full lifecycle management by providing the
means and credentials for identification during the onboarding process, through to
authenticating and authorizing access to resources, and all the way to revoking access
credentials and identities.

Secure Remote Access: Remote Access refers to the ability to access a computer from a
remote location. Software-Defined Perimeter (SDP) solutions are utilized to authenticate
and authorize users based on predefined policies in order to grant remote access to
specific network areas.

Endpoint Security: An endpoint security platform is an integrated suite of endpoint
protection technologies used to prevent file-based malware attacks, detect malicious
activity, and provide the necessary investigation and remediation capabilities to respond
to dynamic security incidents and alerts. Endpoint security platforms provide a unified
framework for data sharing between endpoint protection technologies and an interface
for visibility and control.

Connected Home Security: Connected Home Security protects smart home
manufacturers’ devices in home LAN environments, where they are at risk of attacks both
due to the devices’ own vulnerabilities and from lateral attacks originating from other
unsecured devices on the same network.

Cloud Access Security Broker: Cloud Access Security Brokers are platforms that sit
between cloud services and consumers to extend security policies from on premise to the
cloud. The original use of these platforms was to discover and monitor sanctioned and
unsanctioned applications in the cloud, but they have become much more. They cover critical
areas of security which include data protection, compliance, visibility and threat
protection. CASBs enforce these through security policies such as authentication,
encryption, tokenization, data masking, user behavior analytics and malware detection.
These are typically run through proxies, reverse proxies and APIs.

Mobile Security: Mobile security solutions offer a platform for detecting threats on
Android and iOS devices through monitoring network activity whether it be cellular or
wireless and by monitoring application activity. More specialized vendors provide
capabilities around mobile forensics and mobile espionage defense.

Technologies
Access Management

                Auth0, a global leader in Identity-as-a-Service (IDaaS), provides thousands of
                customers in every market sector with the only identity solution they need for
                their web, mobile, IoT, and internal applications. Its extensible platform
                seamlessly authenticates and secures more than 2.5 billion logins per month,
                making it loved by developers and trusted by global enterprises.

                Deepnet Security is a leading provider of multi-factor authentication, 2 factor
                authentication and identity management solutions. Its award-winning product,
                DualShield Unified Authentication Platform provides two-factor
                authentication and two-way authentication for a variety of enterprise, web
                and cloud applications in one single security platform, and supports a wide
                selection of authentication methods and user credentials, such as hardware,
                software and mobile phone based one-time passwords, keystroke bio-metrics,
                virtual smart cards and device DNA authentication and many more.

                Duo makes multi-factor authentication radically easy to deploy, use, and
                manage by leveraging mobile phones for transaction verification to help make
                the Internet more secure.

Entrust Datacard® IntelliTrust™ secures and enables your company’s
digital business across employee, customer and partner user groups — all from
one platform. A cloud-based multi-factor authentication solution, IntelliTrust
offers simple deployment and management for IT and a frictionless experience
for existing and future users.

ForgeRock delivers modern and comprehensive Identity and Access
Management solutions for consumers, employees and things to simply and
safely access the connected world. Using ForgeRock, more than a thousand
global customer organizations orchestrate, manage, and secure the complete
lifecycle of identities from dynamic access controls, governance, APIs, and
storing authoritative data – consumable in any cloud or hybrid environment.

Idaptive Next-Gen Access is the only industry-recognized solution that
uniquely converges Single Sign-on (SSO), adaptive multifactor authentication
(MFA), enterprise mobility management (EMM) and user behavior analytics
(UBA). With Idaptive, organizations experience secure access everywhere,
reduced complexity, and have newfound confidence to drive new business
models and deliver kick-ass customer experiences.

LastPass is an award-winning password manager helping more than 16 million
users organize and protect their online lives. For more than 58,000 businesses
of all sizes, LastPass provides identity and access management solutions that
are easy to manage and effortless to use. From single sign-on and enterprise
password management to adaptive multifactor authentication, LastPass for
Business gives superior control to IT and frictionless access to users.

Azure Active Directory (Azure AD) is an identity and access management-as-a-
service (IDaaS) solution that combines single sign-on capabilities to any cloud and
on-premises application with advanced protection. It gives your people,
partners, and customers a single identity to access the applications they want
and collaborate from any platform and device. And because it’s based on
scalable management capabilities and risk-based access rules, Azure AD helps
ensure security and streamline IT processes.

Okta is the leading independent provider of identity for the enterprise. The
Okta Identity Cloud enables organizations to securely connect the right people
to the right technologies at the right time. With over 6,500 pre-built
integrations to applications and infrastructure providers, Okta customers can
easily and securely use the best technologies for their business.

OneLogin is the identity platform for secure, scalable and smart experiences
that connect people to technology. With the OneLogin Trusted Experience
Platform, customers can connect all of their applications, identify potential
threats and act quickly.

Ping Identity is pioneering Intelligent Identity. We help enterprises achieve
Zero Trust identity-defined security and more personalized, streamlined user
experiences. The Ping Intelligent Identity platform provides customers,
employees, partners and, increasingly, IoT, with access to cloud, mobile, SaaS
and on-premises applications and APIs, while also managing identity and
profile data at scale.

SecureAuth provides the most flexible and adaptable identity and access
                  management solution to secure all workforce and customer identities
                  everywhere: hybrid, on-prem, and cloud. Leading organizations use the
                  SecureAuth Identity Platform to secure access for everyone and everything
                  that connects to their business.

Secure Remote Access

                  AppGate brings together a set of differentiated cloud- and hybrid-ready
                  security and analytics products and services. These include AppGate SDP, the
                  industry’s leading software-defined perimeter solution, the Total Fraud
                  Protection suite of risk-based authentication and digital threat protection
                  capabilities and a range of innovative threat management and analytics
                  offerings including the Brainspace digital investigations platform and the
                  company’s Immunity range of offense-oriented software and adversary
                  simulation services.

                  Banyan Security's next generation Zero Trust Network Access platform
                  provides seamless remote access to corporate resources hosted in hybrid and
                  multi-cloud environments. Banyan enhances security by reducing your attack
                  surface, eliminating lateral movement and preventing unauthorized access.
                  Utilizing innovative TrustScoring powered by machine learning, Banyan
                  ensures both users and devices are authenticated and authorized before
                  granting granular least privilege access to sensitive corporate applications and
                  servers.

                  With Duo Beyond, you can identify trusted endpoints by easily deploying
                  device certificates, block any untrusted endpoints and give your users secure
                  access without a VPN.

                  Odo’s Zero Trust Network Access platform enables organizations to simplify,
                  secure and scale remote access to self-hosted resources across public cloud
                  and on-premise infrastructures. Odo’s clientless and agentless solution
                  enables security teams to easily manage secure access to any application,
                  server, database and environment, providing full visibility across all user
                  activity and eliminating the need for VPNs.

                  ScaleFT is a pioneer in Zero Trust providing a BeyondCorp-inspired access
                  management platform that enables secure remote access without a VPN. The
                  ScaleFT team collectively has decades of experience in IT, coming from
                  companies such as Rackspace, The Apache Foundation, Yahoo! and more.

                  Perimeter 81 is a Zero Trust Network as a Service that has taken the outdated,
                  complex and hardware-based traditional network security technologies, and
                  transformed them into a user-friendly and easy-to-use software solution —
                  simplifying secure network access for the modern and distributed workforce.

                  Proofpoint Meta is the zero-trust alternative to VPN for secure remote
                  access to any enterprise application, anywhere. With our people-centric
                  solution, rapidly deploy access from user devices to applications in the
                  data center and the cloud.

                  Pulse Secure provides easy, comprehensive software-driven Secure Access
                  solutions that provide visibility and seamless, protected connectivity between
                    users, devices, things, and services. Our suites uniquely integrate cloud,
                    mobile, application, and network access to enable hybrid IT in a Zero Trust
                    world.

                    Safe-T is a provider of Zero Trust Access solutions which mitigate attacks on
                    enterprises’ business-critical services and sensitive data, while ensuring
                    uninterrupted business continuity. Safe-T’s cloud and on-premises solutions
                    ensure that an organization’s access use cases, whether into the organization
                    or from the organization out to the internet, are secured according to the
                    “validate first, access later” philosophy of Zero Trust.

                    Luminate enables security and IT teams to create Zero Trust Application
                    Access architecture without traditional VPN appliances. Our Secure Access
                    Cloud™ securely connects any user from any device, anywhere in the world to
                    corporate applications, on-premises and in the cloud, while all other corporate
                    resources are cloaked without granting access to the entire network.

                    Verizon further enhanced its best-in-class Software Defined Perimeter (SDP)
                    security service by acquiring PrecisionAccess solution from Vidder. Verizon’s
                    SDP service creates a network boundary that provides trusted and unified
                    access control for users and devices. Access control is across internal
                    networks, clouds, and external users, enhancing security by continually
                    ensuring that only trusted devices used by entitled users can ever see and
                    access trusted applications.

                    Zscaler Private Access (ZPA) is a cloud-delivered, zero trust network access
                    (ZTNA) service that provides secure access to all private applications, without
                    the need for a remote access VPN. ZPA delivers a zero trust model by using
                    the Zscaler security cloud to deliver scalable remote and local access to
                    enterprise apps while never placing users on the network.

Endpoint Security

                    VMware Carbon Black is a leader in cloud-native endpoint protection
                    dedicated to keeping the world safe from cyberattacks. The VMware Carbon
                    Black Cloud consolidates endpoint protection and IT operations into an
                    endpoint protection platform (EPP) that prevents advanced threats, provides
                    actionable insight and enables businesses of all sizes to simplify operations. By
                    analyzing billions of security events per day across the globe, VMware Carbon
                    Black has key insights into attackers’ behaviors, enabling customers to detect,
                    respond to and stop emerging attacks.

                    Cybereason, creators of the leading Cyber Defense Platform, gives the
                    advantage back to the defender through a completely new approach to
                    cybersecurity. Cybereason offers endpoint prevention, detection and
                    response and active monitoring. The solution delivers multi-layered endpoint
                    prevention by leveraging signature and signatureless techniques to prevent
                    known and unknown threats in conjunction with behavioral and deception
                    techniques to prevent ransomware and fileless attacks.

                    CrowdStrike is the leader in cloud-delivered next-generation endpoint
                    protection. CrowdStrike has revolutionized endpoint protection by being the
                    first and only company to unify next-generation antivirus (AV), endpoint
                  detection and response (EDR), and a 24/7 managed hunting service — all
                  delivered via a single lightweight agent.

                  Cylance develops artificial intelligence to deliver prevention-first, predictive
                  security products and smart, simple, secure solutions that change how
                  organizations approach endpoint security. Cylance provides full spectrum
                  predictive threat prevention and visibility across the enterprise to combat the
                  most notorious and advanced cybersecurity attacks. With AI-based malware
                  prevention, threat hunting, automated detection and response, and expert
                  security services, Cylance protects the endpoint without increasing staff
                  workload or costs.

                  Endgame makes military-grade endpoint protection as simple as anti-virus.
                  Leveraging the industry’s most advanced machine learning technology,
                  Endgame enables security operators of any skill level to deliver full-force
                  protection, stopping everything from ransomware, to phishing, and targeted
                  attacks. Endgame is the only endpoint security platform to offer a unique
                  hybrid architecture that delivers both cloud administration and data
                  localization that meets all industry, regulatory, and global compliance
                  requirements.

                  SentinelOne is a pioneer in delivering autonomous security for the endpoint,
                  datacenter and cloud environments to help organizations secure their assets
                  with speed and simplicity. SentinelOne unifies prevention, detection, response,
                  remediation and forensics in a single platform powered by artificial
                  intelligence. With SentinelOne, organizations can detect malicious behavior
                  across multiple vectors, rapidly eliminate threats with fully-automated
                  integrated response and adapt their defenses against the most advanced
                  cyberattacks.

Connected Home Security

                  Bitdefender IoT Security Platform’s design supports the rapid adoption of
                  Internet-connected devices on new or existing infrastructures. It protects the
                  whole networking ecosystem against cyber-attacks, malware, and spying
                  attempts. The platform draws on the intelligence of more than 500 million
                  endpoints, with each new detection automatically improving the platform for
                  all users globally.

                  Powered by proprietary artificial intelligence models and uniquely built on
                  billions of real-world data points, the CUJO AI portfolio of products is
                  designed to gain a clear insight on how data moves across networks and to
                  digitally protect people and devices, creating a safer smart-living experience in
                  homes, businesses and connected communities. Network, mobile and public
                  Wi-Fi operators around the world utilize the CUJO AI portfolio of products to
                  provide their customers with a seamlessly integrated suite of value-added
                  services, covering network monitoring and protection, advanced connected
                  device identification, real-time network security, privacy protection, content
                  access control and digital parenting.

                  Firedome is built to secure billions of home IoT devices and prevent the next
                  cyber-catastrophe. With home IoT device companies facing the risk of being
                  held responsible for harmful breaches and attacks, Firedome has tailored its
                   offering to their business and product needs. Firedome is funded by top
                   security veterans with offices in New York and Tel Aviv, and employs
                   multinational cyber, embedded, research and analysis experts.

                   Fortress Information Security is an information security and cyber risk
                   mitigation company redefining traditional risk management. Fortress utilizes
                   its Risk Identification, Monitoring, & Management Platform (RIMM), to help
                   companies better understand, visualize and secure their critical business
                   assets. Fortress’ always-on, co-managed RIMM platform combines next-gen
                   security technology and vulnerability management tools, to more efficiently
                   operationalize findings, remediation and risk management across the
                   enterprise.

                   F-Secure shields enterprises and consumers against everything from advanced
                   cyber attacks and data breaches to widespread ransomware infections. Its
                   technology combines the power of machine learning with the human
                   expertise of its world-renowned security labs for a singular approach called
                   Live Security.

                   SAM provides a software-based security solution that integrates seamlessly
                   with any platform and protects local area networks by securing the gateway
                   and all of its connected devices. Installed remotely on existing gateways, SAM
                   doesn't require any additional hardware or a technician to provide
                   comprehensive network security. The solution is offered as a service, allowing
                   users to have enterprise-grade protection including virtually patching
                   vulnerabilities such as KRACK and other high-level, targeted attacks. SAM
                   works with leading chipset manufacturers, including Intel, to provide network
                   security from the source.

Cloud Access Security Broker
                   Bitglass, the total data protection company, is a global cloud access
                   security broker (CASB) and agentless mobile security company based
                   in Silicon Valley. The company's solutions enable real-time end-to-end
                   data protection, from the cloud to the device. Bitglass is backed by
                   Tier 1 investors and was founded in 2013 by a team of industry
                   veterans with a proven track record of innovation and execution.

                   Censornet provides a multi-channel, multi-layered approach to
                   securing the cloud via its purpose-built platform. CensorNet delivers
                   integrated web security, email security, CASB and multi-factor
                   authentication to provide security focused visibility and control of an
                   organization’s assets. Our elastic security platform combines
                   traditional security controls (e.g. web/URL filtering, email security)
                   with granular cloud application control and adaptive multi-factor
                   authentication to allow access while controlling outcomes.

                   Cisco Cloudlock is the API-based Cloud Access Security Broker
                   (CASB) that helps accelerate use of the cloud. Cloudlock secures your
                   identities, data, and apps, combating account compromises, data
                   breaches, and cloud app ecosystem risks. Our API-driven approach
                   provides a simple and open way to enable healthy cloud adoption

CipherCloud, a leader in cloud security and visibility, enables
companies to adopt the cloud while delivering data protection,
compliance and control. CipherCloud delivers a comprehensive multicloud
security platform that integrates advanced data protection,
content control, monitoring, cloud discovery and risk analysis. The
largest financial services, insurance, healthcare, telecommunication,
and government companies across more than 25 countries have put
their trust in CipherCloud.

Forcepoint is the human-centric cybersecurity company that
understands behavior and adapts security response and enforcement
to risk. The Forcepoint Human Point platform delivers Risk-Adaptive
Protection to continuously ensure trusted use of critical data and
systems.

Skyhigh Networks, acquired by McAfee, is the world’s leading Cloud
Access Security Broker (CASB). Skyhigh enables enterprises to safely
adopt cloud services, while meeting their security, compliance and
governance requirements. With more than 600 enterprise customers
globally, Skyhigh provides organizations the visibility and
management for all their cloud services, including enforcement of
data loss prevention policies; detecting and preventing internal and
external threats; encrypting data with customer-controlled keys; and
implementing access-control policies.

Microsoft Cloud App Security is a multimode Cloud Access Security
Broker (CASB). It provides rich visibility, control over data travel, and
sophisticated analytics to identify and combat cyberthreats across all
your cloud services.

Netskope is the leader in cloud security. We help the world’s largest
organizations take full advantage of the cloud and web without
sacrificing security. Our patented Cloud XD technology eliminates
blind spots by going deeper than any other security provider to
quickly target and control activities across thousands of cloud
services and millions of websites. With full control from one cloud, our
customers benefit from 360-degree data protection that guards data
everywhere and advanced threat protection that stops elusive
attacks.

The Oracle CASB Cloud Service is the only Cloud Access Security
Broker (CASB) that gives you both visibility into your entire cloud
stack and the security automation tool your IT team needs.

By offering advanced data protection and consistency across
applications, Prisma SaaS reins in the risks. It addresses your cloud
access security broker needs and provides advanced capabilities in
risk discovery, data loss prevention, compliance assurance, data
governance, user behavior monitoring and advanced threat
prevention. Now you can maintain compliance while preventing data
leaks and business disruption through a fully cloud-delivered CASB
deployment.

                  Proofpoint Cloud App Security Broker (Proofpoint CASB) helps you
                  secure applications such as Microsoft Office 365, Google’s G Suite,
                  Box, and more. Our CASB solution and protection app provides a
                  unique risk-aware, people-centered approach that gives you visibility and
                  control over your cloud apps, so you can deploy cloud services with
                  confidence. Our powerful analytics help you grant the right levels of
                  access to users and third-party add-on apps based on the risk factors
                  that matter to you.

                  Symantec CloudSOC Cloud Access Security Broker (CASB) is the
                  broadest, deepest protection for the public cloud: visibility, data
                  security, and threat protection for IaaS accounts and data in the cloud

Mobile Security
                  Better Mobile is a leading Mobile Threat Defense (MTD) solution provider that
                  uses predictive AI technology to identify and stop mobile security threats
                  without compromising end-user productivity or privacy. Better MTD’s
                  predictive protection comes from its Deep Thinker AI platform that applies
                  artificial intelligence and learning models to identify known and unknown
                  threats at the device, network and application levels.

                  Check Point SandBlast Mobile prevents mobile threats before they start.
                  Whether data is at-rest on a device or in-motion, SandBlast Mobile protects
                  against vulnerabilities and attacks that put data at risk.

                  Kaspersky Security for Mobile is a Mobile Threat Defense (MTD) and Mobile
                  Threat Management (MTM) solution that helps businesses ensure that their
                  mobile workers can use mobile devices to perform work tasks without putting
                  sensitive business data and critical business processes at risk. It combines
                  industry-leading anti-malware, anti-spam and web, application and device
                  controls as well as anti-theft features.

                  Lookout is a cybersecurity company for the post-perimeter, cloud-first,
                  mobile-first world. Powered by the largest dataset of mobile code in existence,
                  the Lookout Security Cloud provides visibility into the entire spectrum of
                  mobile risk. Lookout is trusted by hundreds of millions of individual users,
                  enterprises and government agencies and partners such as AT&T, Verizon,
                  Vodafone, Microsoft, Apple and others.

                  PRADEO SECURITY offers a complete, automatic and seamless protection to
                  mobile devices and applications, aligned with your organization security policy
                  while preserving business agility.

                  Privoro is leading the way in mobile security hardware systems – enabling
                  organizations to adopt a zero trust posture against commercial mobile devices
                  while delivering high-security services and unsurpassed control.

                  Proofpoint Mobile Defense provides enterprises with comprehensive
protection and visibility against malicious and privacy-leaking iOS and Android
apps. These apps frequently lead to advanced persistent threats (APTs), spear
phishing attacks on employees, and leaked corporate data.

Sophos Mobile is a Unified Endpoint Management (UEM) and Mobile Threat
Defense (MTD) solution that helps businesses spend less time and effort to
manage and secure traditional and mobile endpoints. The only UEM solution
that integrates natively with a leading next-gen endpoint security platform,
Sophos Mobile manages and secures iOS, Android, Chrome OS, Windows 10
and macOS devices.

Symantec Endpoint Protection Mobile's risk-based mobile security approach is
designed from the ground up to defend against all detected threats that put
business data at risk of exposure, theft and manipulation, while respecting
users' need for privacy, productivity and a great mobile experience.

Wandera provides a unified cloud security solution to protect this new way of
working. We secure your data and devices against cyber threats, help you
apply policies to filter internet access and reduce risk exposure, and enable
zero-trust access to all your applications.

ZecOps provides the industry-first automated agentless Digital Forensics and
Incident Response (DFIR) platform on endpoints, servers and mobile devices.
ZecOps platform enables automated discovery, analysis, and disinfection of
persistent attackers that go unnoticed by existing security controls by finding
and leveraging attackers’ mistakes. In addition to identifying and responding to
cyber security threats, ZecOps platform diagnoses IT issues and enhances
DevSecOps. The platform is also suitable for ATMs, IOT and other embedded
devices. All ZecOps solutions take minutes to deploy even at scale and operate
without prerequisites.

Zimperium is the industry leader in Mobile Threat Defense with the world’s
largest deployment of mobile device sensors. Only Zimperium offers real-time,
on-device protection against both known and unknown threats, enabling
detection and remediation of attacks on all three levels - the device, the
network and the application.