The Coronavirus pandemic has caused a seismic shift in working practices with millions of employees being forced to work from home because their offices have been closed. Many will stay that way, because the economics and work patterns have changed permanently, but it is presenting companies with numerous issues – not least cybersecurity.
There are a several reasons why home-working has increased the level of threats. Firstly, most employees are using their own broadband connections to login to company systems. Any one of them could provide an unauthorised access. While office machines are all safely behind a single unified security solution, such as a firewall, those layers of security frequently don’t exist at all on remote devices. Because they are geographically dispersed the network is not easy to administer or support from a single location.
Secondly, many smaller companies had to ask staff to use their own home computers, phones and other devices for work. A major problem is the lack of control over what else is on those machines. Each operating system, application and personal email could potentially compromise that end device and provide access to confidential data or access into the company network.
Thirdly, most remote workers are connected for longer hours than office-based workers. Instead of using local software they are connected permanently to virtual desktops and Cloud-based services such as G-Suite or Office 365. More connection time is simply more opportunity for a hacker.
Fourthly, cybercriminals have noticed the new opportunities and are actively trying to target remote workers (as they did in the Zoom hack).
The main threats remain malware and hacking. Dodgy phishing emails often try to convince users to enter their credentials into fake websites from where they are used to gain access or plant malware onto the network. A new wave of ransomware is also adding to concerns.
To those relatively well-known hazards is now added the risk of unknown persons with physical access to an end device misusing it or covertly acquiring login details.
A third threat vector arises from remote users logging in from inherently insecure networks such as public Wi-Fi hotspots. Many are soft targets for hackers ‘piggy backing’ on the connection – putting the entire IT infrastructure at risk.
What could employees be doing better?
The majority of employees take risks without realising it – for example by using unsecured networks, leaving programs open, carelessly opening deceptive emails, and by not properly erasing documents that they would have shredded had they been in the office. Any of these could lead to a costly data leak or system breach. Better training would close the majority of risk exposures.
What could employers be doing better?
One of the most obvious steps, although costly for smaller businesses, is to ensure that employees are only allowed to use company equipment that has been thoroughly vetted and installed with the latest anti-malware and security patches. Using multi-factor authentication (MFA) will make it a lot harder for hackers to break in by brute force.
Company’s also need to consider the security strategies and credentials of partner businesses, main suppliers, service providers, and other stakeholders. If a partner is compromised the problem can spread like a contagion.
Companies also need to provide their remote workers with strong VPNs that thoroughly secure the flow of data between the company’s central systems and remote devices. A problem that has been highlighted is the use of multiple cloud services from different vendors. Unification on a single platform reduces the number of risks and makes everything easier to administer.
Cloud service providers can offer purpose designed mobile device management solutions that combine end to end encryption, firewalls, traffic monitoring and anti-virus software. If you have recently become dependent on Cloud services, a Cloud security solution makes very good sense.