5 critical security elements of our Managed Digital Workspace

The rapid adoption of remote working has provided hacking groups with new and growing means with which to gain access to accounts and networks.

Failure to ensure that every corporate device is continually updated, patched, protected, and connected securely to the internet at all times, is basically an open invitation for hackers to access your data.

In order to keep hackers at bay, any future-facing model must ensure the following areas are covered – 24/7/365:

• Every end device receives regular security updates.
• Software packages are deployed centrally.
• Anti-virus software is always switched on and up to date.
• All software and apps are regularly updated.
• OS and software security patches are regularly implemented in order to address vulnerabilities and fix bugs.
• Update and patch the underlying drivers and firmware of all devices.
• Internet browsers are protected and secured.
• Central security policies are applied to devices to protect users from compromised USB devices.
• Deliver the same level of web protection for the roaming end user as you would in the office environment.
• Immediately identify and prevent malicious data packets that are attempting to infiltrate your network.
• Monitor any potential cyber-threats that are on the horizon, before they impact your network.

But how can an organisation ensure that all the different elements mentioned above are always being monitored and enacted?

With years of experience in providing distributed workforces with the tools they need to operate efficiently and securely both in the office and in remote locations, our Managed Digital Workspace has been designed to ensure that security is always a top priority.

Today, as the demand for flexible remote working continues to grow, in order to counter the mounting threats posed by malicious threat actors we now deliver a security solution that provides complete peace of mind.

Our security solution has been developed in partnership with Cisco and VMware and is founded on 5 key elements.

1. VMware Workspace ONE intelligence-driven Mobile Device Management (MDM) platform.

It all starts by integrating access control, app management and multi-platform endpoint management into a single platform using VMware Workspace ONE.

Available as a cloud service or on-premises deployment, this intelligent MDM solution delivers the ability to manage and control thousands of mobile devices across the widest possible geographical locations. VMware Workspace ONE informs us exactly where the devices are and more importantly enables us to enforce policies and security restrictions, remotely control them, and even remotely wipe them if they are stolen or lost.

With laptops in mind, we deliver full out-of-box, zero-touch provisioning to users direct from the supplier. Once safely in the hands of the user, all they have to do is unbox the device and turn it on. They will be presented with a login screen where they simply enter their corporate credentials, hit enter, and they are instantly logged into the device.

The device is already pre-configured to access your corporate domain, and as the MDM software is preinstalled it will automatically check into the Quadris dashboard, so that we are aware that that user is on that device and from the moment it is connected.

By default, the platform will apply a comprehensive range of predetermined policies to ensure the security of every device and every end user.

• BitLocker encryption is enabled in order to protect the hard drive against unauthorised changes. Furthermore, encryption locks are in place so that in the event that the encryption be compromised or turned off for any reason, it will automatically be re-encrypted.

• A wide range of policies can be applied in order to restrict certain functionalities and actions, such as the ability to connect USB sticks or flash drives that can lead to potentially disastrous data loss. Whatever restrictions are required, they can be applied quickly and simply to thousands of devices from one central location.

• This versatile MDM also enables us to roll out new apps or update existing apps centrally, providing an unrivalled level of control of the day-to-day management tasks.

• With smartphones in mind, the MDM delivers the same out-of-the-box experience. When the user turns the smartphone on, it immediately asks for their corporate credentials before checking into the MDM server, which in turn installs the MDM app. The device is immediately provisioned including the automatic configuration of corporate email accounts. This bypasses all the usual time-consuming steps, such as asking if the user wants to back up the device using iCloud and having to create an iCloud credentials and user account.

All the above can be achieved quickly and simply, without ever having to be physically in front of the user.

2. Cisco Umbrella Secure Internet Gateway (SIG) for remote users.

In the conventional office environment, users can connect to the corporate network via cable or Wi-Fi, safe in the knowledge that there is a datacentre or server room that delivers full web security in the form of proxy servers, firewalls, and enterprise grade anti-virus software.

But when the users work remotely from home or from a coffee shop, it presents a challenge as to how to you protect that device when accessing the web. So, to ensure the security of every device, regardless of location, we have enlisted the help of Cisco Umbrella SIG.

• SIG delivers multiple security functions integrated into one cloud service. In addition to providing the flexibility to deploy security services to all remote end users, it also secures direct-to-internet access, cloud app usage, and roaming end users.

• Unlike other solutions, there are no appliances to deploy as Cisco Umbrella is an app that is pre-installed into the laptop. This means that wherever the laptop may be, it has all the protection you would expect from a corporate proxy, such as the general blocking of gambling, pornographic, or social media websites. All these policies can be assigned from the cloud to protect the device regardless of its location.

• It also enables us to leverage more advanced features such as cloud access security broker (CASB) software. This sits between cloud service users and cloud apps, in order to monitor activity and warn administrators about potentially hazardous actions.

• More specifically, CASB software enables administrators to introduce granular, policy-based restrictions. As a result, rather than just blocking or allowing access, it provides the ability to grant access but with certain restrictions, such as allowing users to access Dropbox but block uploads, or login to social media but prevent the sharing of posts.

Cisco Umbrella is a powerful tool, offering the same level of web protection for the roaming end user as you would expect when working in a conventional office environment.

3. Cisco Secure Endpoint (formerly AMP for Endpoints).

Despite the best intentions you can’t rely on prevention alone, which is why our solution also relies on Cisco Secure Endpoint (Advanced Malware Protection for Endpoints) in order to provide global threat intelligence, real-time malware blocking to prevent breaches and advanced sandboxing capabilities.

With Cisco Secure Endpoint, you have a high-powered, enterprise-grade level solution that will defend your network infrastructure from all sorts of malware (e.g. Ransomware, Business Email Compromise, etc.) and help prevent attacks from newer variants.

Your network infrastructure is one of the top targets for cyber-attackers; as once they have entry into your infrastructure, over time they can gain access to the servers and databases that reside on it.

This leading-edge solution delivers the visibility and control to defeat advanced attacks by continuously analysing file activity across your extended network, so we can quickly detect, contain and remove advanced malware.

• If your organization is hit by malware, Cisco Secure Endpoint uses the above-described feeds in order to identify and prevent malicious data packets that are attempting to break through and infiltrate your network.

• Afterwards Cisco Secure Endpoint will then provide detailed information to your IT security staff as to the origin of the malware, what its point of impact was in your in-network infrastructure, and what the current status of the malware is. In fact, with just a few clicks of the mouse, the malware can be contained, and isolated from causing further damage.

• Another advanced feature of Cisco Secure Endpoint is its ability to sandbox any device. This means that in the event of an attack on an end client we can cut the connection between it and the outside world, thereby preventing it from spreading beyond the device to the corporate network. But we still retain the ability to access it remotely and investigate the issue in order to ascertain the exact nature of the attack.

4. Cisco Talos Intelligence Group.

Prevention is always better than cure. And the internet of today is a vast, unsafe cyber-neighbourhood. Connect a freshly loaded Windows system without patches to the internet, and within 10 or 20 seconds following the connection, the system will be attacked.

Which is why we stay at the forefront of threat detection by tapping directly into the feeds of the Talos Security Intelligence and Research Group and Threat Grid. This alerts us to any potential cyber-threats that are on the horizon, before they impact your network.

• Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world, comprised of world-class researchers, analysts, and engineers. These teams are supported by unrivalled telemetry and sophisticated systems to create accurate, rapid, and actionable threat intelligence.
  
  
• Talos defends against known and emerging threats, discovers new vulnerabilities in common software, and intercepts threats before they can cause further harm.
  
  
• The unrivalled expertise of the team is backed by sophisticated infrastructure, and Cisco’s unrivalled telemetry of data that spans across networks, endpoints, cloud environments, virtual systems, and daily web and email traffic.
  
  
•  While Talos overarches the entire Cisco portfolio, it specifically focuses on Cisco Umbrella and Cisco Secure Endpoint, delivering real-time information on threats the moment they are identified.
  
  
• As soon as threats are classified, they are automatically made available as definitions to the relevant software and apps in use. As a result, we are as up to date as anyone possibly can be on threat analysis and threat detection, ensuring that we are always at ‘day zero’ – the same day an event occurs, or a vulnerability is discovered.

With Talos extensive and unrivalled threat intelligence capabilities on our side, not only will they help ensure the security of your network, they also make the internet safer for everyone. 

5. Quadris Security Operations Centre (SOC).

Quite simply, the Quadris SOC oversees our entire security solution. It is there to ensure that all the different elements are always being monitored and enacted.

• Continuously monitors all devices and systems to ensure they are fully compliant; from a patching perspective, and from a security perspective, ensuring that they are always encrypted, and that all policies are in effect.
  
  
• From the Quadris SOC, we are able to centrally manage and push out updates. We are also able to analyse updates to ensure that those updates are ready for devices and there are no known issues before we push them out.
  
  
• Should any policies not take effect on a device, we will immediately be alerted that it is uncompliant and Quadris SOC will investigate to ensure it is returned to a compliant state, according to our own predetermined baseline.
  
  
• If there is an issue with a particular update, that could potentially cause an app to become unavailable or lead to problems with end user devices, we can centrally uninstall that affected update from all affected devices. Only when we have determined the cause of the problem and found a solution will we roll out the update to all devices in order to bring them back online.
  
  
• To complete the picture, we also continually update and patch the underlying drivers and firmware of all devices operating on the machines. This ensures that they are always up to date throughout the entire lifecycle of every machine, thereby avoiding any incompatibilities that can lead to more serious issues.

Let Quadris put security at the very heart of the Managed Digital Workspace 

As the demand for flexible remote working continues to grow, malicious cyber threat actors will continue to take advantage of the situation.

As a result, it is crucial that organisations are aware of the potential cyber threats they face while they make transitions to alternative business continuity plans, and that they are informed of the immediate steps they can take to mitigate potential risks.
 
By adopting a strong defensive position, you can help to ensure the security of your organisations’ most important assets.

For more details about how the Quadris security solution ensures your people are as protected when working remotely as they are in the office, contact Peter Grayson on 0161 537 4980 or email peter.grayson@quadris.co.uk