The shelter-in-place orders and closure of non-essential businesses that have been implemented to slow the spread of COVID-19 have brought the need for business continuity to the forefront. Most enterprises have shifted to a work-from-home model that allows employees to continue working while adhering to social distancing measures. However, the massive shift to remote work brings a new challenge: continuing to secure the business while providing the flexibility and access that remote workers now require.
These unprecedented changes have affected both the nature of the attack surface security teams must defend and the tactics they must anticipate from opportunistic threat actors. Security teams have an important role to play in strengthening business continuity by ensuring this shift does not create tradeoffs between usability and security. There are three steps they can take to begin to address this issue.