Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Don’t throw out your prohibited thumb drives: Liberate your workers who need more IT freedom

By Marc Gaffan
cyber security freepik

<a href='https://www.freepik.com/photos/background'>Background photo created by rawpixel.com - www.freepik.com</a>

March 8, 2021

The Unofficial Law of Endpoint Security Proportionality: The security measures taken to protect an employee’s endpoint are proportionate to the proximity of the employee to the company’s most valued assets. Or, put in simpler terms, the more closely an employee works with a company’s crown jewels, the more essential it is to virtually eliminate the possibility of an endpoint security breach.

 

The Curse of the Dual Laptops

At many companies, workers who need to access vital corporate assets or sensitive customer data are used to having workstations that are heavily restricted in terms of what the end users can do on them:

  • No free-range web browsing
  • No access to risky or questionable email attachments
  • No downloading, installing, and running third-party applications
  • No admin rights for developers or power users to the machines they work with
  • No use of portable hard drives (thumb drives) to transfer data from one endpoint to another

There are some scenarios where this highly restrictive environment is appropriate -- call center workers, for example, can often effectively do their jobs without engaging in the above activities and by using non-persistent virtual machines that always revert to a pristine state upon boot-up. For so many others, however, like developers, human resource staffers, financial systems administrators, operations personnel and others, a normal day’s workflow can include many, if not all, of the above locked-down activities while also centering around vital corporate assets that must receive the highest level of protection.

The solution often employed involves restricting the use of a company-provisioned endpoint to just this highly sensitive corporate work and then relegating all other activities to a completely separate machine. Taking this dual-laptop approach of isolating work with high-value company assets from everything else an employee might do in the course of a normal day has been considered one of the surest ways of protecting corporate assets. This is the predominant model among contractors, too, who are likely to carry multiple laptops in order to do the work of their client on one machine while waiting until they can switch devices to take on the work of their employer.

All this switching between endpoints is a workplace productivity problem. Having to use two different machines -- one for highly sensitive tasks and another for other essential but less secure activities -- greatly curtails operational efficiency. Further, without the right security measures in place, even limping along with a dual endpoint strategy can leave enterprises at risk of falling victim to cybercrime. When workers try to move data from a governed device to a non-governed device, corporate assets move outside of the corporate domain where they are no longer protected.

 

Endpoint Vulnerability: Corporate Attack Surfaces Are Expanding

Endpoints have long been known to be the source of the majority of corporate security breaches. Estimates from before the pandemic pegged the endpoint as being responsible for upwards of 70% of all breaches. Endpoint security spending has increased year-over-year, too, but this is just an arms race. Bad actors know that compromising an endpoint with malware is a direct route to a company’s invaluable data.

Now, with the paradigm shift that the pandemic has induced, so many people are assuming that expanded remote work is going to be the way of the future. They’re likely not wrong. For IT organizations, the prospect of remotely managing exponentially greater numbers of devices can be more than just a headache. For end users, needing to rely on technology to fill in the gaps for face-to-face communication when their IT freedom is severely limited is an express trip to frustration. For CISOs and the rest of the executive suite, this expanded attack surface is the stuff of nightmares. And for the bad actors these executive leaders are worried about, the massive shift to remote work is a bonanza.

 

Supporting Distributed Teams in the Post-Pandemic Business World

The world is not yet beyond the COVID-19 pandemic, but IT organizations should be well beyond their initial responses to the shutdown of in-office work. Over the course of the past year, every company that could enable distributed workflows found a way to do so. For workers requiring privileged access and others whose work was less sensitive, COOs and CIOs enabled remote work by whatever means seemed to be most immediately accessible, even if the short-term strains on IT resources and CapEx and OpEx budgets were severe.

For many companies, this meant dramatic scaling of virtual desktop infrastructure (VDI) or desktop-as-a-service (DaaS) solutions. VDI and DaaS have been around for years now, with most large enterprises having invested in one or the other (or both) for at least a subset of their employees. With the overnight push to work from home, upping the ante on these legacy remote work solutions seemed like the obvious play.

And it was… at first. But while these remote workspace approaches provided a short-term fix and a surface-level solution, expanded VDI and DaaS deployments exacerbated some inherent problems that are common across enterprises utilizing these approaches:

  • VDI utilizes company-owned infrastructure and often involves complicated deployments. User experience degrades, too, when backhauling saps bandwidth and lag time increases.
  • DaaS can suffer similar problems with lag time causing poor user experience, especially when running intensive workloads or working in low-bandwidth environments. Further, virtual desktops are inaccessible when users are offline.

In all cases, the greater number of remote workers increases the threat exposure companies are facing. Some have turned to web isolation, which operates on a simple concept: Move Internet activity away from a company’s local networks and infrastructure and allow users access to the web via a browser application running on a locked-down virtual machine in the cloud. Browser isolation has its merits, but it only solves a small part of the endpoint security problem because it only covers a narrow range of typical worker activity. There are too many other ways to infiltrate the endpoint and therefore the company network.

At this point, companies should be looking to institute a much more mature and complete solution for supporting remote collaboration while ensuring corporate security -- one that maximizes IT freedom for workers and promotes operational efficiency while minimizing the company’s threat exposure.

 

Accelerating Digital Transformation with Isolated Workspaces

Just as COVID-19 forced a new way of thinking about remote work, there’s an opportunity for a different sort of paradigm shift -- one that changes the way we think about establishing secure workspaces. Workspace isolation -- splitting a single endpoint device into higher-risk and lower-risk isolated environments so users can work freely without compromising security -- is an approach whose time has arrived, and it’s the answer to the dual-laptop conundrum.

Workspace isolation establishes a separate, virtual operating system on a user’s endpoint. The notion that a single laptop or workstation can accommodate multiple operating systems, preserving a pristine environment for sensitive corporate work while relegating higher-risk activities (including accessing third-party content) to the other environment is a new concept for many.

The beauty of workspace isolation is that the behavior of the workspace is managed from the cloud, while the VM workload is running locally on the user’s machine. For the IT administrator, remote management is the key feature, allowing for instant provisioning of an additional hypervisor-isolated operating system, splitting the physical device into two environments. For the worker, the user experience is native, free of the lag and bandwidth issues that can plague legacy VDI and DaaS solutions, and free of restrictions on activities they need to engage in to do their jobs. And for executive leadership, isolated workspaces offer peace of mind in knowing that endpoint security is greatly amplified even as the number of remote workers jumps by an order of magnitude.

Workspace isolation, with its ability to protect company networks and assets from cybercriminals preying on workers whose normal business activities include accessing sensitive corporate resources, ushers in true digital transformation. Isolated workspaces liberate all workers to utilize their endpoints to their greatest capacity, while empowering IT organizations to respond with agility to the wide fluctuations in demand for secure remote workspaces the business world is sure to continue seeing now and into the future.  

KEYWORDS: cyber security information security insider threats risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Marc gaffan

Marc Gaffan is CEO of Hysolate, a startup that is changing how we manage and secure our endpoints. Prior to joining Hysolate, Marc was the Chief Business Officer at Nexar, where he led sales, marketing, biz-dev, customer success and field operations. He is a thought leader on application security and distributed denial of service (DDoS) and has appeared before the US Congress, FDIC and Federal Trade Commission on cyber security and identity theft topics.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Half closed laptop

Sudo Vulnerability Discovered, May Exposes Linux Systems

Person holding cellphone

Millions of Android, iPhone Users Could Be Sending Data to China

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • From the ER to the Executive Suite, Hospitals Tighten Up

    Don’t let your guard down over IT security during the pandemic

    See More
  • securityofficer

    Is Your Security Guard Good Enough? Why Many Protection Agents Need More Training

    See More
  • get more out of your access control system

    Get more out of your access control

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • 1119490936.jpg

    Solving Cyber Risk: Protecting Your Company and Society

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!