In the last 7 months, we have seen a tremendous increase in people working from home around the world. As this has been very beneficial and productive for some businesses, it is also causing high risk for cybersecurity threats. When we extend digital connectivity beyond the traditional workplace, this usually increases exposure to cyber attacks and other threats to data security. Here are some recommendations to identify and manage the different risks you might encounter from having employees working from home whether you are in Toronto, Canada or down south in Texas, United States or even across the ocean.
When people access work applications and resources from beyond the traditional workplace, they lose some of the protections the office provides. This can increase the risk of hackers getting access to sensitive data. Here are five typical points of vulnerability you’ll find in just about any work-at-home environment.
1. Employees – Do employees use work laptops for personal apps? Are they sharing work devices with family members? People may engage in these and other risky behaviours without realizing the danger they may pose.
2. Endpoints – Are laptops and devices in the home office work-issued or personal? Employees working from home should have a work-issued laptop with all the necessary security programs.
3. Other devices – The laptop may be from work, but if it’s connected to a home printer or other device that doesn’t have the latest security technology, that’s a problem. Home devices can open up a point of entry for a cyber attack, and the security team at work may not even be aware of it.
4. Wi-Fi – Because of the lack of standard configurations for Wi-Fi access technology, connecting to work resources from a home network is inherently riskier than connecting at work. Also connecting to an open WIFI network at lets say Starbucks, causes even a higher risk as more people can join for free.
5. Remote Access – Many organizations based their protection on security controls that preventing access into specific network segments. However, the new reality of remote access forces them to open their entire networks for remote users, and it directly affects the way of handling privileged access to critical systems and critical IT assets.
Now that we have distinguished how to identify a working from a home cybersecurity threat, let’s discuss how to manage them. The following tools are critical to enabling security teams to manage the risks that come with deploying a remote working team. Even more critical is consolidation of multiple tools on one platform; this enables simultaneous visibility across the attack surface.
1. Monitoring Endpoint – Continuous awareness of endpoint behaviour and analysis of threats that appear to provide the first line of defence against the types of attacks that typically begin at endpoints.
2. Monitoring Network – The ability to review network data is critical for the visibility needed to quickly detect, investigate and respond to network threats.
3. Threat Plan – A planned out threat response makes it possible to take quick and consistent action once threats are detected. Also, having a policy in place for remote access would be very helpful.
4. Threat Detection Platform – To detect intrusions as they are happening, you need a threat detection platform that can provide complete, real-time visibility into all network and endpoint activity as well as the analytics to prioritize threats for response.
5. Secure Connectivity Solution – Implement solutions such as a VPN or zero-trust access and a Privileged Access Management (PAM) solution. Also, this is the best time to run a clean-up of orphaned IDs and to revoke extra permission from existing privileged-users.
Working from home is becoming more and more popular with everything going on in the world. Whether you live in London – England, Mexico City – Mexico, or even New Jersey – United States, we all need to be more aware of cyber attacks that can be made from employees working from home.