This article is part of a series hosted by Security Roundtable and powered by Palo Alto Networks that provides ideas for dealing with the ongoing cybersecurity challenges during the coronavirus (COVID-19) pandemic.
Nearly every company in the world is grappling with new and urgent challenges created by the coronavirus (COVID-19) pandemic.
IT and business leaders must provide employees with easy access to services, data and applications from their homes while ensuring high levels of security. And they must achieve this secure access at unprecedented scale and speed for an indeterminate period of time.
Few companies have been set up to immediately shift to a remote workplace environment newly dominated and defined by secure remote connectivity. We all have to adjust and respond quickly.
Palo Alto Networks is no exception. But we were perhaps more fortunate than some other companies because we had a strong IT Business Continuity Plan (BCP) to activate when the seriousness of the situation became apparent. We were also able to enhance the BCP where needed to help ensure uninterrupted productivity for employees and vendors.
In this time of crisis, it’s important to share knowledge and experience. I’m going to share what Palo Alto Networks is doing. We’re all in this together, and many of us have similar challenges to tackle.
No. 1: Ensure secure access to resources remotely
In our organization, we witnessed an increase of more than 120% in bandwidth usage over the first week when most employees worked from home. By using a cloud-based platform for network security, we were able to scale seamlessly.
We used a technique called split tunneling to shunt off video-application specific traffic, helping to mitigate bandwidth challenges. We also used a mesh based network access to allow engineers working remotely to access resources within our headquarters, such as customer support labs.
Zero Trust has been another important element in providing secure remote access. With a Zero Trust security model, consistent security policies are applied whether the users are logged in from the network or outside. This was coupled with credential theft features implemented in our firewall and two-factor authentication, which is in place for all critical applications.
No. 2: Measure everything
It is essential to measure key metrics and have standard SLAs/SLOs in place. You need to measure system availability and performance, productivity, usage of collaboration tools and more. We created an IT BCP dashboard that includes metrics and week-over-week changes on these metrics. The dashboard is available to all employees.
The dashboard includes email usage, meeting metrics, Jira stories, GitHub commits, etc., in addition to weekly and daily active users on tools such as Zoom and Slack. We measure help desk, customer enablement and aging of tickets for applications and infrastructure. We also measure mean-time-to-resolve tickets, the ratio of tickets opened/closed, and first-time fix rate.
With everyone working remotely, including IT personnel, the normal channels of communications may not be there. Without constant measurements, it may be difficult to understand how things are actually working in your environment. By measuring everything you will know what is and isn’t working, so you can make adjustments based on real-world information rather than educated guesses.
No. 3. Make IT help available everywhere
There are various tools organizations can use to support remote workers. We use Tech Oasis to enable employees in campuses or branch offices to get immediate access to IT help and resources. With everyone working remotely, however, we had to repurpose Tech Oasis employees and ensure our first-line help desk team could work remotely in an effective manner.
We are keeping a minimal staff at the office globally to support shipping of resources. Otherwise, everything else has been migrated to a remote activity. We are using Slack channels for support, in addition to having users call or get help via email. We are accelerating our implementation of bots for Slack, which provide conversational AI to support simple queries quickly. Some key issues to resolve for employees include:
- Allowing users to reset passwords remotely and access help in case their passwords have expired, and they cannot connect to the secure VPN.
- Self-service multifactor reset: We have a Demisto-based bot connected with Slack that enables this.
- Manager-led or easy-to-implement onboarding and offboarding of employees remotely.
Onboarding and offboarding requires specific steps. You should probably consider a virtual on-boarding plan with hiring managers, including steps for digital onboarding and new hire orientation. By using SaaS applications and applying a Zero Trust approach to security, many new employees can be up and running quickly with any device, provided they use company-issued security tools and strong identity practices.
No 4. Communicate, communicate, communicate
Proactive steps to take: A daily update on the intranet; a dedicated Slack channel to handle COVID-19 related queries; managers having daily check-ins; virtual dashboards. Most importantly, be responsive to employees’ needs, with IT available on multiple channels while communicating proactively.
Steps we have taken include:
- Sharing our IT BCP broadly and making the IT BCP dashboard available and visible to all employees.
- Providing avenues for our leaders to communicate virtually across the company using Zoom and Slack.
- Creating a daily update on our home intranet, including recordings of the virtual All Hands and other key blogs/notes.
It is important to recognize that employees will feel anxiety in this period of uncertainty, working at home, and juggling family and work.
Remember, you can’t be proactive enough. Provide your employees with an easy mechanism to consume information, have clear avenues for your executive leadership to share messages, and enable the right technology to operate effectively. This is the time for strong leadership. Make sure you and your teams are ready.
Naveen Zutshi is the Chief Information Officer at Palo Alto Networks.
Go here to read all the articles in this series on dealing with the ongoing cybersecurity challenges during the coronavirus (COVID-19) pandemic.