Secure Remote Workforce - Renewed Efforts on Existing Protections

 


 

COVID-19 has had a dramatic impact on the operations of many organizations and nearly all daily routines of their employees. 

With requirements of quarantine and social distancing, being able to access critical applications and data remotely has given many organizations a way to make it through this difficult time.  Working remotely is supported by the push for cloud computing and accessibility, allowing people to access their information and services from nearly anywhere.  With this accessibility, however, comes the need for refocused security efforts.  Most of these efforts aren’t necessarily new but must be prioritized in order to protect employees and assets, as more and more threats seek to take advantage of the pandemic. 

The rise of cloud computing, mobile computing, and the remote workforce has antiquated the traditional “secure perimeter”.  We can no longer rely on the high-end firewalls and monitoring that protect our organizational networks.  The attack surface now extends well beyond desks and cubicles into homes and coffeehouses.  To accommodate this, a greater focus needs to be placed on endpoint protections.  Ensure your patching/updating tools can still keep software on remote devices on the latest versions.  Deploy Next-Gen Antivirus or Endpoint Detection and Response (EDR) software to all systems to protect against the latest threats.  Check to see if your internal protections have agents that can be implemented to extend their functionality to remote devices.  Many services, such as Cisco Umbrella and Security Information and Event Management (SIEM) products, have such offerings.

Of course, none of these controls matter if business is being conducted on employee personal devices.  If at all possible, provide employees with organization-controlled and protected systems for remote work, as there is no visibility into the security of personal devices.  Discourage the storage of critical and sensitive data on remote systems by providing easy mechanisms and workflows for working on data in organizational information systems, such as through VPN or cloud storage and applications.  Stay away from commonly targeted remote access methods like Remote Desktop, though, and secure VPN and cloud apps with strong authentication controls like multi-factor authentication, as well as by restricting access to only the resources each employee needs.  If sensitive data must be kept on remote systems, ensure that whole disk encryption is used in case the devices are lost or stolen.

Despite the mention of many technical controls, one of the most important aspects of protecting a remote workforce is the same as protecting an in-office workforce:  security awareness and training.  This becomes even more critical as the security of your organization now depends on the security of each remote employee’s home network and practices.  Give remote workers guidelines for basic home network hygiene such as setting secure wireless and router passwords, ensuring routers are up to date, and disabling router remote management.  Encourage locking workstations when not in use, even when at home, to prevent overzealous family members from causing problems.  Stress the importance of remaining vigilant against phishing scams, as attackers are actively exploiting the pandemic to increase their phishing success rates.  Finally, providing an established line of communication for reporting phishing or suspicious activity is vital in a remote work scenario where visibility is reduced.

As remote work continues to see a wave of adoption, it is crucial that cybersecurity protocols adapt to the changes.  This requires a reprioritization of efforts to accommodate the shift in the threat landscape.  Remote employees are continuously being exposed to specific vulnerabilities and are working without the full protection of on-site IT security.  Seeing this, it’s critically important that remote workers are trained to recognize the types of attacks they are most likely to encounter.  Organizations must deploy the tools and training they need to get cybersecurity right, both in the office and at home.