
RETHINKING SECURITY IN THE NEW NORMAL

The sudden shift towards remote working, as a result of worldwide lockdowns, has prompted businesses to change their IT models almost overnight. As businesses flock to cloud environments like never before to ensure business continuity, rethinking cloud security becomes extremely critical in this ‘new normal’.


As the perimeter extends, more assets need to be secured, which broadens the attack surface. In many ways, it has become a huge challenge for organisations to keep themselves one step ahead of the attackers. It is high time for organisations to rethink their security approach and align their security needs with the current market and technology landscape.


We recommend the following best practices, which must be undertaken as a priority to protect your organisation:


1. Secure corporate application access and endpoints -

A "verify first, trust later" approach must be encouraged. Organisations must put in place a strategy to adopt a zero trust framework and allow user access on a "need to know", "least privilege" basis. User access to corporate applications must be provided by creating a system of checks and balances.


2. Pay attention to databases too -

We have not heard much about database security, even though databases are a critical asset of any organisation. In many places, they are managed by third-party administrators. Databases hold critical information and, in the current situation, most databases are open to access from outside the organisation. Without database security, business tasks can be interrupted and confidential information may be disclosed. Hence, there is a need to prioritize database security to discover and classify files containing sensitive data.


3. Monitor user behaviour -

By now, most organisations have realised that the change in work culture and environment will last longer than expected. Hence, there is a need to shift security priorities to meet current challenges. From home, users connect via different channels (corporate VPN, the Internet, etc.) to access not only corporate assets but also social platforms, shopping sites and the like.


4. Continuous security alert detection and monitoring -

Every organisation needs a SIEM solution to continuously monitor, alert and respond to alerts. This is required not only for compliance but is also an essential, basic step in the journey towards becoming a secure enterprise. Most organisations have integrated critical devices with a SIEM platform to have continuous security log monitoring in place.


5. Digital risk management -

Unregulated digital sprawl has opened up new security threats for organisations. Further, increased remote working is doubling the risk of data leaks. While open threat intelligence is useful, it contains a huge amount of unwanted information. Hence, finding relevant intelligence is like finding a “needle in a haystack”.


6. Secure unmanaged privileged identities -

The current situation is also pushing us to think through identities. Employees have direct and privileged account access to critical assets, and these accounts are commonly not monitored as extensively as other security technologies, which allows a lot of internal fraud and abuse to go unnoticed.


Re-prioritizing security goals in line with the above-mentioned best practices, and monitoring and managing the overall security landscape through a SOC, will help organisations keep themselves one step ahead of adversaries.

