– Or Eshed
1) Replace virtual desktops VDs cost approximately twice as much as leaner, cloud-driven browser security solutions, which are also better equipped to deal with web-borne threats. By replacing VDs with modern solutions, security teams can cut costs, drive productivity, and enhance security — all in one. 2) Implement a zero-trust approach According to the recent IBM Cost of a Data Breach Report 2022, zero trust deployment saved organizations an average of $1 million in breach costs. 3) Manage access through granular conditions Authorization policies should be as granular as possible to ensure no excessive access privileges are given to users. These policies should be consistent across all SaaS apps and local applications and enforced on both managed and unmanaged devices (see above).
In addition to policies based on user roles or attributes, policies can be based on browsing events. 4) Train employees to raise security awareness No given security solution will be complete without training users and raising awareness on the abundance and severity of cyber attacks. Employees must be trained on the importance of being alert to web-borne threats and risks, like phishing emails or websites, malware injections and accidental private data mis-delivery. Conduct phishing drills, show demos, and continuously remind employees that organizational security is literally in their hands.
5) Deploy modern alternatives to costly network solutions Network security solutions like VPNs, CASBs, SWGs and endpoint detection and response (EDR) are costly and require IT management and maintenance, which also come at a business cost. CASBs cannot secure unsanctioned applications, SWGs cannot fully secure malicious websites, EDRs might miss malware downloads, and VPNs tunnel users into networks rather than employing zero trust.
Link: https://venturebeat.com/security/5-ways-cisos-can-secure-byod-and-remote-work-without-increasing-security-budgets/