Well past the initial rush, work-from-home has established itself as a long-term, sustainable model that is likely here to stay. Even as companies plan their unlock strategies and facilitate a ‘return to work’ for at least parts of their workforce, it’s clear that the global pandemic may have permanently made working from home an option for some of us.
A Gartner CFO survey revealed that 74% of CFOs polled will move at least 5% of their previously on-site workforce to permanently remote positions post-COVID-19. Many employees expect to continue to have the flexibility and safety of the work-from-home (WFH) model in the post-Covid-19 world.
While WFH has become a win-win for employers and employees in many aspects, it has opened a can of worms for enterprise security experts.
Millions around the globe shifted to a remote working model within a few days. As enterprise perimeters blurred further, many security leaders were forced to throw their previous strategies out of the window.
Unforeseen cybersecurity risks
Adopting the new work model has been easier for modern tech firms, as they already had the right policies and infrastructure in place. But remote working was nearly an alien concept for many other businesses, and a sudden transition to the WFH model was a massive hurdle for such organizations. Enabling thousands of employees to work remotely required them to depart from their established practices.
Many were caught unprepared for what business continuity now required. They scrambled to extend their corporate networks and to provide employees with new devices and remote collaboration tools. Most networks were not equipped to handle the scale. Many employees did not have corporate laptops and accessed corporate data from their own devices (mostly unprotected and unpatched) over their home networks (probably unprotected as well).
Once this transition happened—effectively or ineffectively—firms realized that their exposure to cyber threats was at its peak.
CISOs understood that they had plenty of gaps to deal with, such as:
- Weak endpoint security coupled with direct internet access without VPN
- Surge in cloud-based tools & data transfer to cloud without proper visibility
- Unintentional data leakage
- Increased phishing attacks that use Covid as bait
Some new lessons
According to some recent reports, close to 50 percent of employees are less likely to follow cybersecurity practices while working from home. Many admit to bypassing security policies that they perceive as impeding productivity. The legacy, on-site approach to security won’t work in the new world of work.
Security practitioners need to adopt best practices suited to the Covid-induced remote working ecosystem, including:
- Improving visibility of all remote endpoints: It’s essential to have a clear picture of the company’s digital footprint, which is now spread across numerous locations. Security teams must also ensure that all devices are patched and protected to minimize the attack surface. Employees and security teams should audit the home environment for potential vulnerabilities, such as those arising from IoT devices.
- Reviewing access control policies: Organizations are now forced to reconsider their policies. Identity and access management can’t be static; it needs to take into account whether employees are on-site or off-site and whether they are using corporate-owned or personal devices. Multifactor authentication is increasingly considered an effective mechanism for ensuring that only authorized users reach corporate data.
- Awareness programs to deal with phishing attacks: Security awareness training for employees is critical to counter the rise in phishing attacks. Many organizations run phishing simulations to train employees to recognize and report phishing attempts and other social engineering threats.
- Protecting cloud-based tools: Zoom-bombing has taught us valuable lessons on returning to the basics of security and privacy. The sudden upsurge in cloud-based collaboration and video conferencing tools led to significant shadow IT within organizations. Security teams must ensure employees adhere to basic security policies and hygiene. Also, security has to be the paramount criterion when choosing any cloud-based tool.
Employees are equally, if not more, responsible for ensuring the security of corporate data and devices in this context. They are expected to take ownership of security instead of leaving everything in their system administrators’ hands.
Here are some security tips to follow while working from home.
- Install a reliable antivirus solution on every device that handles corporate data, including your personal devices. Lack of a security solution will not be considered a valid excuse in the event of data loss! Additionally, update your operating systems and software regularly to ensure your systems are patched.
- Protect your Wi-Fi network with a strong password. Some of the older encryption standards are already outdated; WPA2 is a widely accepted method to prevent unauthorized network access, so choose it. You must also change the default login credentials that come with your router.
- Always use corporate email accounts and company-recommended messaging/collaboration tools to communicate—that is, the tools configured by your IT team.
- If you use a public network to access your corporate data, ensure that you’re connecting through a virtual private network (VPN) so that all the data you transfer will be encrypted.
Summary: A highly volatile crisis like Covid-19 calls for a highly adaptable security framework that constantly responds to emerging risks. Security leaders and their teams must work closely with key business functions and include cybersecurity in crisis management procedures. Effective cyber risk mitigation measures are critical to strengthening enterprise resilience in these challenging times.