The “New Normal”: How Service Providers Can Secure Their Customers’ Remote Workforces

By Fortinet | April 10, 2020

Across the globe, individuals and organizations alike are currently adapting to what appears to be the “new normal,” which includes major changes happening almost daily. Which means it is difficult to know – and plan for – what will happen next. Amid this state of uncertainty, one thing is clear – cybercriminals are showing no signs of slowing down. As networks experience an influx of new devices and end-users connecting from home offices, threat actors continue to deploy sophisticated attacks, including health-related phishing scams, to reach their end goals. 

The New Baseline for Network Traffic 

The concept of a remote workforce is now a reality, bypassing technological and cultural concerns that have kept it on the back burner for years for many organizations. It has resulted in increased volumes of traffic across virtual private networks (VPNs), pushing the limits on available bandwidth. While most service providers and telecom carriers have seen a 20-25% spike in network traffic as of late, it is predicted that this baseline will likely increase to more than 30%. As service providers work to scale this traffic for their customers, they must also consider how this spike will affect their usual go-to security strategies. 

Because of this rapid increase in traffic volume, it has become nearly impossible for service providers to use their behavioral-based detection technologies to uncover cyber threats. And as more organizations encourage remote work, more networks will experience abnormalities as a result of the increased use of personal devices. Fortinet's VP of the Global Field CISO Team, Jonathan Nguyen, explains: “There are [new] network access requests from devices that have never been used before, from people who have never made that request before. This makes it increasingly difficult to differentiate between legitimate and malicious requests and traffic.” With this in mind, it is more critical than ever to have access to the latest threat intelligence to stay ahead.

Prioritizing Real-Time Threat Intelligence

As they move away from behavioral-based detection, service providers must not only gather and assess threat intelligence, but also know what they should look for when analyzing this information. Derek Manky, Chief, Security Insights & Global Threat Alliances at FortiGuard Labs, highlights that patch management issues have recently been amplified as more employees work from home. “Organizations may have rogue devices that are joining networks and these devices can be exploited for an attack.” Although this may seem like a behavioral-based concern, Manky points out that “access control and segmentation can go a long way to helping solve this challenge.”

With a large number of employees now working remotely, service providers are also facing challenges around the general logistics of managing security incidents. Without physical access to remote devices or logs, it is more important than ever to prioritize threat intelligence, cyber hygiene, and education. According to Manky, service providers should “put more focus on mitigation and detection before they get into incident response,” especially in today’s climate.

Leverage Available Offerings to Stay Ahead

During times of constant change and uncertainty, Nguyen-Duy notes that “the ability to have resilient operations, even across a global infrastructure, and the ability to get more out of what you already have is key.” By leveraging capabilities that are available through Fortinet and FortiGuard Labs, service providers can effectively mitigate risk for their customers, even as their business models shift. 

In addition to offering a layered defense approach that helps protect networks from a variety of threats, Manky points out that FortiGuard Labs offers: virtual patching, ethical hacking, zero-day researchweekly threat intelligence briefs, and Threat Signals to help inform about the threat landscape. 

As organizations work to adjust to new baselines across their network environments, it is more important than ever that they have what they need to protect their employees and their data. 

Final Thoughts  

Organizations and individuals everywhere are experiencing change across most aspects of everyday life, especially regarding how work is being done. The recent and rapid shift to remote work has not only impacted operations, but also how service providers manage security for their customers. By leveraging threat intelligence and other capabilities, service providers can effectively deliver services that protect their customers and demonstrate their value. 

Learn more about how to maintain business continuity through broad, integrated, and automated Fortinet Teleworker Solutions.