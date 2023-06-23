Security attacks have no respect for geographical boundaries. Last year malware and ransomware attacks, despite increased investments in Anti-Virus Next Gen and Endpoint Detection & Response solutions, rose by 400% [1]. Security remains a cat-and-mouse game as hackers continually adapt their modus operandi. Recent targets include archive software, PDFs and QR codes [2] . As hackers break boundaries, devices (as well as employees, apps and data) increasingly sit outside of the network perimeter. Employees work at home and in unsafe public spaces surfing unsecured Wi-Fi networks. People working from home are sharing their laptops between home and office tasks – another boundary broken down.

Most organisations have enabled staff to work outside the office from different places, whether it’s home, the office or somewhere else and have access to their applications and data, notes Pelle Aardewerk, Cyber Security Consultancy Lead at HP. “It is fantastic for business continuity, employee experience and productivity. However, security is still an afterthought.”

Securing the workforce – a zero trust approach

Increased Hybrid working, cloud migration and the digitisation of access to devices/apps/data via the internet all mean there’s a need to look strategically at how to secure the global workforce. “There is a strong case that we need to focus on zero trust-based endpoint security,” says Aardewerk. “Devices are ultimately where the user, apps, data and the internet come together and nowadays are victim of the biggest attacks; this is where hackers focus nowadays since employees (as the weakest link) do and will not behave secure enough; think about clicking on multiple (untrusted) URLs and attachments during the day.”

Four core elements combine to create zero trust-based endpoint security. The first element is ‘verify and control the identity and access of the employee’. You need to know whether the user is who they say they are and to control the access someone has to systems and data based on their role. Access to the device, as well high privileged activities, is also based on muti-factor authentication (including biometric controls).

Secondly, you must verify and control the reliability of the device, whether a computer, laptop, printer or phone. A zero-trust approach means ensuring a device remains secure through the supply chain (isn’t tampered with between the factory and end user) as well during usage to prevent firmware attacks.

Thirdly, organisations must ensure the device belongs to the right person – around 8-12% of laptops are lost during their lifecycle. Some are stolen and hence the need to timely lock devices and where needed erase data remotely.

Finally, verify anything coming onto the device isn’t a threat. Employees click on links, on documents, and insert USB sticks, which requires strong isolation technology like HP Wolf Sure Click Enterprise.

Golden triangle: securing your hybrid workforce

The golden triangle regarding security is to consider people, policies and technology. You need working policies and training to inform people, to secure their (hybrid) workplace. Since hackers focus on unsecure behaving employees, companies need secure by design technology you can trust.

HP solutions can secure the devices that empower your global workforce and maintain productivity. For example, HP Sure Recover (for HP Elite Computers) quickly recovers the operating system (including latest corporate image) throughout a computer’s lifecycle whenever needed and in case of ransomware attacks, ensuring resilience.

HP Sure Start can automatically detect, stop, and recover from a BIOS attack or corruption without IT intervention and with little or no interruption to user productivity.

HP Sure Admin is a password-free modern security technology used to control access to business critical systems for remote administration and/or local management for field support personnel. Sure Admin uses public-key cryptography to eliminate the risks associated with password-based approaches.

Meanwhile, HP Wolf Protect and Trace can protect data and track your fleet of HP devices so that unauthorised users can’t access files and documents on your network. HP Wolf Protect and Trace provides a complete hardware-enforced find, lock, and erase service.

Sensitive applications and secure network connections between clients and servers can be completely isolated, so authorised users can access the applications and data they need to do their work. From wherever they are, worldwide.

To help protect users and IT from unsecure ‘clicking’ on malicious files and URLs, HP developed the Sure Click Enterprise threat containment solution (to isolate threats) for any industry PC, thereby ensuring the resilience of business-critical IT/OT operations as well happy hybrid working.

