At Splunk, we want to reassure our customers and user community that we will be here, standing by you to support and help as required. We are all currently experiencing a once-in-a-lifetime global event that affects our everyday lives. Although the number of organizations making a shift towards remote working has been increasing steadily over the last few years, no one could anticipate the force and velocity at which businesses across the world would have to adopt this new operational model with almost 100% of their workforce working remote. And as with any operating model change, the attack surface expands for adversaries and new risks arise.
This article is the first in a series of practical advice and best practice guides, aiming to provide a short overview of things to focus on and help you better protect your organization and infrastructure—even if the bulk of your staff are sitting on their couches with laptops perched on their knees. In the blog series, we are going to highlight free apps available to every Splunk Enterprise or Splunk Cloud customer that can help you manage remote worker security better. And for our Splunk Enterprise Security (ES) customers, we are going to show you how to get even more out of the system to help secure remote work.
To get started, we will focus on a few behaviors more prone to risk due to the shift to work-from-home operations such as:
- Monitoring your endpoints
- Who let the data out
- You gotta love the CVEs
- Wait, what’s this thing running on your machine
- Between Two Alerts: Easy VPN Security Monitoring with Splunk Enterprise Security
- Monitoring Family Pickle Consumption with Splunk!
- Protecting Your Assets: It’s Not Just About Servers and Laptops!
- Your Employees Are Superheroes, but This Superpower Might Be a Security Risk
With each blog post, we will update this one with links to the other blogs.
Thanks to the contributors of this blog post, Bryan Sadowski, Lily Lee, Rene Aguero, James Brodsky, Chris Simmons.