Over the past few years, it has become clear that just trying to block out cybersecurity threats is not enough to protect an organization. Everyone now understands that firewalls and traditional antivirus solutions are not enough, as breaches are inevitable.
Yet as much as most organizations recognize the increased need for security, they have concentrated their efforts largely on protecting their on-premise network security. As a result, protecting themselves from the threats that come with allowing remote work has not been a priority.
With the spread of the novel coronavirus (COVID-19), many organizations now permit or even require employees to work remotely. This more distributed, less secure workforce has created another opportunity for cybercriminals to attack an organization.
Companies such as Google, which have a remote-work culture, are already prepared for such threats. However, companies without a remote-work culture tend to rely heavily on on-premise network security protocols. They have a whole new set of challenges from threats that come with employees working off-premise.
The Risks of Remote Workers
Employees working remotely may access or transmit company trade secrets, as well as personal information of customers and/or staff. Inappropriate exposure of either type of data can lead to significant adverse consequences for a company, including significant business damage or loss.
Employees working from home may use their personal computer rather than a company issued computer. In addition, they may take shortcuts, such as downloading or saving sensitive company materials to their personal devices, desktops, thumb drives, hard drives and file hosting services in the cloud (e.g., Dropbox).
Furthermore, employees working remotely from coffee shops, libraries, or other remote locations with Wi-Fi access are susceptible to “physical breaches,” as they may leave laptops or devices unguarded in places – even their car -- without the physical security of an office setting. In public places such as coffee shops, third parties with a view of the employee’s computer screen could see trade secrets or personal information.
Mitigating Risks from Employees
To guard against these threats, employers should have a remote work policy that all employees are aware of and comply with. The policy should include precautions such as:
- Requiring all employee devices to be equipped with employer-provided security software and the latest manufacturer software updates prior to permitting access to any remote systems.
- Prohibiting employees from using personal devices; or, if the use of personal devices is unavoidable, requiring them to be configured with company-sanctioned antivirus and other security software, password protection technologies, and secure network connections.
- Requiring multi factor authentication upon each login to a company portal.
- Only allowing remote access through a virtual private network (VPN) with strong end-to-end encryption.
- Prohibiting working from public places, such as coffee shops or on public transportation, where third parties can view screens and printed documents.
- Prohibiting use of public Wi-Fi, and requiring the use of secure, password-protected home Wi-Fi or hotspots.
- Imposing additional credentials for those who require the ability to download certain sensitive data.
- Providing an easily remembered email address -- such as security @ yourcompany DOT com –where users can report security issues quickly and easily.
Naturally, given the urgency behind the present “work from home” transition, it may not be practical to implement all of these steps immediately. However, because future natural disasters could as easily force an organization to have to pivot their entire workforce to remote work, employers need to be prepared for the cybersecurity risks involved. This requires pre-planning and extra effort.
To learn more about how to set up a strong security practice, check out our white paper, Five Clear Steps to Enhance SecOps with MITRE ATT&CK.