Remote and hybrid work is here to stay. In an increasingly complex security environment, no challenge looms larger than how to protect remote devices that tie back into the corporate network.\n\nIn fact, modernizing networking technologies ranks among the top IT goals for 2022 according to an IDG survey conducted on behalf of Insight Enterprises. \n\nWith more users working remotely, tools and processes designed for corporate networks are less effective for endpoint protection, leaving IT teams scrambling to keep their users protected. By some estimates, cybercrime could cost companies an estimated $10.5 trillion annually by 2025, up from $3 trillion in 2015.\n\nWhen polled, CIO Experts Network of IT professionals and industry analysts stressed the need for employee buy-in, as well as a commitment to device management and endpoint security.\n\nMost importantly, however, is building a strong security culture that encourages best practices across the organizations. The IDG survey found that 36% of respondents say that mitigating risk with stronger cybersecurity programs is a top objective for 2022. \n\nAccording to several influencers, that requires acceptance and buy-in from leadership:\n\n\u201cCorporations should look at homes as an extension of their organization\u2019s boundaries. Which means that the same\/similar tools, technologies, processes, and safeguards should be taken into consideration for people working from home.\u201d\n\n-- Arsalan.A.Khan (@ArsalanAKhan), a tech advisor\n\n\u201cAll devices, regardless of home use or business use, should incorporate cyber security and accessibility. It is critical to understand any potential security issues that might crop up on their home networks. Creating processes that incorporate these best practices will help you keep your employees\u2019 technology and devices safe.\u201d\n\n-- Debra Ruh (@debraruh), Ruh Global IMPACT and Executive Chair of Billion Strong\n\n\u201cWhen someone says, \u2018do as I say, not as I do,\u2019 it means they are a hypocrite. Security hypocrisy is when firms don\u2019t enforce the same level of security controls for remote workers as they do on-premises. Firms serious about security must ensure that remote users follow the same robust security controls their onsite brethren do.\u201d\n\n-- Ben Rothke (@benrothke), Senior Information Security Manager at Tapad\n\nWhen leadership takes protecting remote devices connecting to the corporate network seriously, there are three simple steps to take to build a robust security framework for their network. \n\n\u201cThere are three device attack protection vectors to consider: the user, their applications, and the network,\u201d says Adam Stein(@apstein2), Principal at APS Marketing. \u201cFor the user, keep up to date with ongoing security threats that could possibly impact their work at home. The user\u2019s applications also need regular updating for ideal end-point protection.\u201d \n\nBuilding Employee Trust and Buy-In\n\nSecurity is only as strong as its weakest link. For Gene Delibero (@GeneDeLibero), CSO at GeekHive.com, ensuring strong security requires a strong security culture that educates and empowers workers.\n\n\u201cFirst, and perhaps most important, is creating a culture of accountability around security; it's not just the company's problem, it's everyone's problem,\u201d says Delibero (@GeneDeLibero). \u201cOrganizations can't expect remote employees to execute security measures effectively when they haven't been trained on the company's security policies.\u201d\n\nSteve Prentice (@cloudtweaksteve), a technology integration specialist, argues that truly dedicated organizations should build an entirely new architecture to make sure remote workers, and their devices, are up to the task. \u201cThis should become a new branch of internal IT security \u2014 specifically investigating, securing, and even penetrating the home offices of employees the same way as is done in an office. Employers should treat their employees\u2019 home workspace and mobile technologies as branch offices \u2014 still a less expensive option than paying for building floor space, cubicles, etc.\u201d\n\nIsaac Sacolik (@nyike), President of StarCIO and author of \u201cDigital Trailblazer,\u201d adds that building a security culture should go hand in hand with building a positive work environment. \u201cIt all starts with the mindset and practices aimed at improving productivity and supporting work-life balance through flexible remote and hybrid work technology options. As employees gain trust with IT, they're more open to learning and improving security, including locking down home networks, protecting data, and following IT's recommendation on protecting devices.\u201d\n\nSecuring Individual Devices \n\nAfter earning buy-in from employees, organizations still need to secure their devices. \n\n\u201cOrganizations should invest in a combination of asset management, endpoint detection, data loss prevention, cloud-based managed detection and response, and patch or vulnerability management,\u201d says Kayne Mcgladrey (@kaynemcgladrey), Field CISO at Hyperproof and Senior IEEE Member. \u201cOf those, asset management is the starting point, as an organization should have visibility into the devices accessing corporate data and be able to select and apply appropriate controls to those devices. Those controls then may include endpoint protection or data loss protection, for example, if exfiltration of sensitive corporate data may result in compliance violations.\u201d \n\nEmploying this strategy empowers an organization\u2019s IT team to protect the corporate network from a wide range of threats, according to Will Kelly (@willkelly), a writer and analyst. \u201cMy best advice for protecting at home devices starts with a solid and robust mobile device management (MDM) solution and supporting processes. An MDM automates operating system updates, security patches, virus scanning, application updates, and device security configuration, such as setting a lock screen.\u201d\n\nJack Gold (@jckgld), President and Principal Analyst at J.Gold Associates, LLC., takes that one step farther. \u201cIt\u2019s important to segregate work at home devices from other users in the family. You probably don\u2019t want your kids playing games or web surfing on the PC you use for doing work. That could be enforced by giving workers a corporate furnished \u2014 and managed \u2014 PC exclusively for their use.\u201d\n\nEnsuring Endpoint Security\n\nKieran Gilmurray (@KieranGilmurray), CEO at Digital Automation and Robotics Limited, feels that securing the corporate network relies on implementing quality endpoint security practices. \n\n\u201cThreat actors have taken advantage of the pandemic by targeting unsuspecting remote workers. Every \u2018at home\u2019 network connected device is a potential entry point for criminal activity,\u201d says Gilmurray. \u201cSo now, employees are provided with a secure VPN between their home network and their corporate offices. The only way to protect remote devices is to apply best practice corporate \u2018endpoint\u2019 security practices to every device attached to a home network.\u201d\n\nTo compensate, organizations can take a strategic approach that prioritizes high risk accounts and devices. Peter Nichol (@PeterBNichol), Chief Technology Officer at OROCA Innovations instructs to \u201cStart with what the employer can control. Be sure to prioritize energy around high-risk endpoints. Specifically, privileged accounts or accounts with elevated access should be managed within privileged access management (PAM). Companies who act on endpoint security today will save themselves big headaches tomorrow.\u201d\n\nRobust endpoint security helps reinforce human weaknesses in the corporate network, says Frank Cutitta (@fcutitta), CEO & Founder HealthTech Decisions Lab. \u201cThe human vulnerability overpowers any technological protection one can install. We\u2019re always just one errant click away from ransom or breach. While it sounds incredibly obvious, setting your computer to lock after a short period of time can also minimize external access along with changing passwords frequently. Face or fingerprint recognition software adds added security.\u201d\n\nWhile endpoint security is an important part of a robust security apparatus, it won\u2019t protect an organization\u2019s corporate network on its own. \u201cSome advanced precautions might seem like overkill for a home office, but not if we view the home office as a mere extension of the corporate network,\u201d says Scott Schober (@ScottBVS), President\/CEO at Berkeley Varitronics Systems, Inc. \u201cEndpoint visibility and detection at each home office allows IT to view the actual number of endpoints that need protection.\u201d \n\nThe ultimate answer may come via strong partnerships: The same IDG\/Insight survey found that 87% of respondents will rely on third-party providers for support with challenges around infrastructure, operations, and culture. \n\n\u201c\u2018Endpoint anything,\u2019 including protection that is based with on-premises technology, is limited in what it can do and what it can reach in today\u2019s world. On-premises requires a lot of extra configuration and cost to support devices that are mostly remote when compared to a cloud-based solution in which touching or accessing a device from any location is just native with minimal infrastructure,\u201d says Joseph Flynn, Director of Modern Workplace at Insight. \u201cEndpoint security is harder to drive XDR types of services in an on-premises solution, as AI is usually in play. This tends to drive much of the automation and protection to streamline and increase capabilities. Having those capabilities on-premises in most tools is not possible unless they connect to some cloud platform\u201d\n\nInsight Enterprises, Inc. is a Fortune 500 solutions integrator helping organizations accelerate their digital journey to modernize their business and maximize the value of technology. Insight\u2019s technical expertise spans cloud- and edge-based transformation solutions, with global scale and optimization built on 34 years of deep partnerships with the world\u2019s leading and emerging technology providers.\n\nChrome Enterprise Upgrade (CEU) from Insight provides a simple and secure way to manage your devices. Try for free today.