Working from home brings cybersecurity risks
By Derek Manky
Advice to businesses faced with the prospect of most, if not all, of their staff working from home
By Derek Manky
Cybersecurity should always be a top priority, but it’s even more important now. Overarching advice for companies instituting remote work capabilities include evaluating and incorporating new policies and frameworks being created for telework.
Part of those policies should include a good patch management system and application control capabilities – these are critical for these devices which will be roaming outside corporate office safeguards.
For employees, it is about reinforcing to them how critical it is to follow existing policies and procedures. Reminding them that things like VPNs and multifactor authentication (MFA), for example, are crucial to keeping the company safe and protecting their electronic devices.
Cybercriminals are savvy and we are already seeing them take advantage of the COVID-19 situation. For example, we’ve been observing a significant increase in both legitimate and malicious activity surrounding COVID-19 and as the news cycle continues to, there have been reports of ranging from phishing and SMS phishing attacks to a host of others.
So now’s also the time to also send communications to employees reminding them about basic cyber hygiene best practices, including how to spot social engineering scams – unique to COVID-19 and otherwise – that may appear in inboxes as fraudulent emails, links, or attachments and what steps to take if they encounter one. I’d encourage companies to reach out weekly to their remote workforce with cyber education material and reminders on guidelines put in place to help them remain safe while remote.
IT managers should also be extra vigilant about their networks. It’s important that only the appropriate people are able access certain parts of the network. Establishing identity through secure authentication is key in the implementation of an effective security policy. For example, many damaging security breaches have been due to compromised user accounts and passwords exacerbated by users being provided with inappropriate levels of access.
In addition to authenticating remote access, IT should also ensure that internal segmentation is in place to further protect valuable company IT assets. Segmentation is not new, but can be effective in providing extra security measures around key network components, such a servers that contain valuable intellectual property.
What it really comes down to is that security is a team effort, and now more than ever you need employees to understand the part they have to play and take it seriously.
Is home Wi-Fi secure enough to handle potentially sensitive workplace info?
VPN and multifactor authentication are critical for working from home IT strategies in order to add security measures to home-based Wi-Fi. An added measure of security – and a more permanent solution – is for IT to configure persistent rules to create “sticky” connections that ensure that a user is connected to the same server every time they make a request that is part of the same session.
For those companies that will face this as a new challenge, they should check in with their cybersecurity vendors as a matter of urgency to see where there may be risks and vulnerabilities, and what can be done quickly and efficiently to raise their security posture.
How can IT departments equip staffers for home work, especially on short notice or with limited resources?
If they haven’t already, make sure the devices employees will use are pre-loaded with all proper security safeguards. Avoid situations where the onus is on the user to download or update those security tools. It’s important that IT departments – to the best of their ability – maintain the rigour around enforcing policies and providing the support that they have when working in the office now working from home.
What are businesses doing if they are not currently set up for mobile work (i.e. using desktops or terminals vs. laptops)?
Transitioning administrative staff, technical support teams, HR, marketing departments, and other workers who traditionally work from a physical office – along with access to their data and networked resources – to alternate work sites can seem a daunting task. Business continuity and disaster recovery plans are designed to address an organization’s need to quickly suspend normal on-site operations in the event of a power outage, illness, or natural disaster that may make it unsafe for employees to travel on-site. A company’s plan also needs to include the ability to quickly establish a secure, remote workforce.
Derek Manky is Chief, Security Insights & Global Threat Alliances, FortiGuard Labs, at Fortinet.