Five steps to protect your enterprise as employees return to the office

Before the pandemic, a multitude of security tools on the corporate network would work around the clock to assess, monitor and remediate connected devices, thereby ensuring elevated levels of device and network hygiene. As we all started working remotely, this was replaced by consumer-grade routers with limited security controls on home and public networks, and an IT team fully reliant on a handful of endpoint agents (that can break or be disabled) to ensure device hygiene. Extended periods of remote work with infrequent IT oversight and limited network security controls causes device hygiene and security posture to deteriorate. Dubbed “device decay”, this exposes devices to vulnerabilities and threats, and translates into an increased attack surface for malicious actors to target.

As offices prepare to reopen after months of lockdown, devices with degraded security posture can pose a serious risk to enterprise networks and business operations. They provide an entry point for threat actors looking to infiltrate corporate networks, exfiltrate sensitive information or wreak havoc on day-to-day operations.

Device decay manifests itself in different ways across different cohort of devices:

    • Employee corporate devices that started with generally good security posture in pre-pandemic days and have degraded over time
    • New devices that got added into the work ecosystem during the pandemic without gold master images and never had the same stringent levels of device hygiene
    • In-office or remote devices that were switched off and haven’t been kept up to date with the latest security patches
    • Always-on IoT and OT devices that have remained idled/unused and gone unattended by IT

Organizations need to reevaluate their security policies to protect their networks and business operations from device hygiene decay.

The following best practices can fortify enterprise network defenses to prepare for returning workers and their devices.

    • Implement real-time inventory procedures that miss transient devices
    • Assess and remediate all connecting devices
    • Automate Zero Trust policy enforcement
    • Continuously monitor and track progress
    • Train/equip staff to help protect your network

Forescout can help you implement security best practices as employees return and transient devices become the new normal. Read Sandeep Kumar ‘s full blog here, check out the Forescout website, or contact your local Exclusive Networks Account Manager to find out how to protect your enterprise as employees return to the office.