How many of you got that call at the beginning of the pandemic to make your company’s workforce 100% capable for remote work? How many of you had no idea how to make that happen, seemingly (and sometimes literally) overnight? How many of you were already prepared for such an event?
Remote workforces and mobile device management (MDM) are more important than ever in 2020’s pandemic reality. Unmanaged remote endpoints are one of the biggest risks to an organization’s cybersecurity posture today.
Don’t think of remote endpoints solely from the isolated ransomware/malware infection standpoint. Instead, think of them from a MITRE ATT&CK matrix perspective. Ask yourself these questions:
Can attackers gain access to the endpoint?
Can attackers establish persistence?
Can attackers perform data collection and exfiltration?
What could an attacker achieve by compromising an unmanaged remote endpoint?
What can that endpoint bring back to the enterprise network with it when it returns to the office?
While working with Rapid7 customers over the past several months of quarantine and lockdown, it’s evident to me that many companies were caught completely off guard when facing the reality of being unable to work from their corporate offices.
Many customers have no ability to manage their endpoints remotely without them being connected to the company VPN, or in many cases, are unable to manage them at all. Many times, these VPN connections are unreliable, or the company had not planned for the network overhead required for a thousand employees connecting to the company VPN at the same time.
Companies have spent large amounts of money over the past several months rolling out more robust VPN solutions and mobile devices (like lapto ..
Support the originator by clicking the read the rest link below.
