The number of employees working remotely has increased by 159% since 2009.
Remote work is on the rise. Accelerated further by the COVID-19 pandemic, employees all over the globe are leaving offices (and pants) behind for good. But while workers are enjoying their new flexibility and freedom, IT leaders are scrambling to make sense of the security controls in an increasingly remote workforce.
And since 65% of data breaches are never even detected, there is a valid business case for the extra precaution.
Why Is Remote Work Increasing Cyber Security Concerns?
- Personal Use of Work Devices: It’s becoming more and more common for employees to use their work-provided devices and laptops for personal use, both during work hours and off-hours, increasing exposure to potentially harmful websites and links.
- Insecure Wifi: From coffee shops to apartment complexes, open wifi networks are a hotspot for threats in more ways than one, making them much more vulnerable to attack than a locked-down VPN or in-office connection.
- Lack of Education and Awareness: Employees are often unaware of cybersecurity best practices that can lead to susceptibility to phishing attacks, malware, and increased vulnerabilities. Using the same (often insecure to begin with) password across every website and third-party app, for example.
- Mobile Apps Expand Potential Vulnerabilities: With the use of mobile apps, vulnerabilities are extended beyond just a laptop or work computer, to an employee’s phone and/or tablet. When employees download third-party apps for work onto their personal phones, the risk of potential threat increases yet again.
- Lack of Centralized Data Sharing: Downloading and saving projects and files directly to their desktop or personal computer folders, rather than to the company network, employees unknowingly set their organizations up for potential loss, should a device become compromised.
- Blurred Lines Between IOT/OT/IT: With the continued integration of all different systems and the interconnectedness that the corporate environment has, it’s never seen such a huge amount of critical flows of traffic nor a monumental amount of pathways that can be circumvented for pain or profit.
- Priority / Proximity to the Critical Cyber Assets: Being able to tell your sensitive areas apart was at the best of times pre-WFH challenging. Now with the understanding of outside-in architectures corporations are finding it harder to create proper segmentation or even be able to tell apart the various devices and their criticality to the business units involved.
- Everyone’s a Hunter: Cybersecurity is hard, but it shouldn’t have to be. With the everyday motions that most teams complete on their work, visible gaps and overlaps to the security posture become glaring. It’s only when they’re paved over day after day, without any action or recourse to solve the challenge does this trickle up to the SecOps teams.
- Step Your Game Up: Regardless of the situation, junior operators can always be provided with more areas to train and expand their understanding. It’s only when they have the fundamentals, that they’re able to lend themselves to becoming a solid strength for the betterment of the team.
While remote work has many pros, including reduced overhead and increased employee satisfaction, not to mention cruising to the office in your favorite fuzzy slippers, organizations should be aware of how to capitalize on these pros without reducing the operational resilience of the corporate enterprise.
Threats and Threat Vectors will always be around to catch those who aren’t prepared, but fortunately, there are many simple ways to protect your organization from harm.
How Do IT Teams Effectively Protect Company Data in the Emerging Remote Revolution?
- Educate Employees (Continually): The silver bullet remains on good training. How often have new hires been asked to watch a cliche “best practices” video on our first day on the job, only to immediately forget what they heard, amidst the onslaught of other onboarding material? A “one and done” security education policy isn’t going to cut it anymore. In today’s increasingly sophisticated cyber landscape, it’s imperative to set your employees up for success. Make a regular practice of educating employees in cyber security best practices: for setting and updating passwords, identifying phishing attempts, avoiding dangerous websites and apps, protecting sensitive company information, etc.
- View and Assess Corporate Assets: With the help of an Attack Surface Analysis tool, organizations can understand the proximity and priority of corporate assets that remote workers are using. Organizations can also use these tools to assess how employees are accessing those assets, giving IT teams the ability to fully perceive any vulnerabilities or threats, they otherwise wouldn’t have visibility of.
- Incorporate Multi-factor Authentication: Regardless of the complexity of one’s password, there will always be a risk of breach. With multi-factor authentication (MFA), this risk is lowered considerably. Incorporating MFA into frequently used tools and programs adds an extra layer of security for remote employees, who are at a higher risk of attempted breaches.
- Consolidate Tools: Tool collectors are killer when you’re trying to establish the ground truth of the security posture. Each different application, appliance, or agent is bringing in a different aspect to the understanding of the network defences. Make the best use of the tools that clearly illustrate what’s going on at a wire level, and do your best to reduce the noise by contrasting different products for similar cybersecurity information.
- Block Common Problematic Websites: Are there particular websites known to cause harm, that aren’t necessary for workers to access to perform their tasks? Proactively block devices from the ability to access websites that have been previously known to expose employees to malware or increased threat.
- Encourage Centralized Data Sharing: Ensure teams are backing up their data to a centralized (likely Cloud) solution, to avoid critical data loss in the event of a breach.
- Prioritize Your Ability to See the Full Picture: With all of the available data coming in from your cybersecurity stack, it’s important to not get caught up in the fog of the situation. How can you prioritize threats and responses appropriately, when there are constant alerts and alarms, and an influx of information? Having clear and definable network understanding and building on the firm awareness of the ports, protocols, and devices in use between each business unit makes all the difference.
- Force Augmentation / Force Multiplication: Teams that can share information, fuse different sources of information, and create composite understandings of the security situation on the ground have a profound impact on the overall security posture of the enterprise. The ability to interoperate, and level each other up, has never been more vital to the overall success of the security program.
Remote work isn’t going anywhere anytime soon. Rather than push back against it, forward-thinking teams can evolve to ensure their teams are secure, no matter the location of an employee.
CLAW, CybernetIQ’s Attack Surface Analysis platform, enables teams to view and assess their corporate assets with ease. If you’re interested in increasing the security of your remote team, we’d love to have a conversation about how we can help.