COVID-related activity restrictions have made working from home the norm. Both employers and employees have adjusted how they work to ensure business continuity during this time. Even after the pandemic subsides, it is widely expected that employers will continue to offer more flexibility to employees to work from home at least part of the workweek. These developments are shining a spotlight on endpoint security and the need to ensure that the laptops employees are using are secure and offer the same level of protection as desktops inside the corporate perimeter.
Everyone says security is important. Yet, there are reports every single week about breaches. In just one seven-day period in early February, I saw reports about:
The current state of the art makes it clear that security continues to be a weak link. Specifically, we are lulled into a false sense of security by antivirus products' claims. Yes, they do an important job. But the traditional methods of securing a laptop with antivirus solutions or a virtual private network (VPN) client running inside Windows are no longer sufficient to ensure the devices' security, especially in the wake of emerging threats. This issue becomes even more serious with laptops used for corporate-sensitive or nation-sensitive use cases.
We need a new paradigm for the secure laptop, inspired by the US government's Commercial Solutions for Classified (CSfC) program.
Secure Laptops: A Layered Approach to SecurityThe Multiple Independent Levels of Security (MILS) architecture advocates security through isolation. The crux of this is to allow security-sensitive ..