The global pandemic has certainly changed things. Before the pandemic, working from home was rare. Today, commuting to an office is the exception rather than the rule. While the percentage of those working remotely will likely drop over time, it’s estimated that about a quarter of the workforce will continue to work from home permanently. For those returning to the workplace, the transition will be gradual. As a result, the need to secure data for remote workers will persist.
The transition to remote work has amplified risk. Cyber crime has increased dramatically, particularly phishing, malware and ransomware attacks. Unsecured remote network connections are also attracting criminals. In other words, your organizational data is now more vulnerable than ever. A data breach can have serious consequences and the cost to recover can be staggering. Business disruptions can also impact your organization’s reputation, leading to lost sales and customers.
At the outset of the lockdowns, getting remote workers the functionality they needed was a mission-critical priority. With vulnerabilities and attacks on the rise, now is the time to revisit and formalize your strategy for securing data for home-based workers, which involves:
- Formalizing policies for remote work, including policies for data protection
- Shoring up existing cybersecurity technology
- Educating employees on policies and threats
Remote Work and Cybersecurity Policies
A remote work policy can be wide ranging and include aspects that promote quality of life when working from home. It should also include data protection considerations and clarify the role of home-based workers in keeping organizational data safe.
Cybersecurity considerations to include in your policy include guidelines on device usage. For employees doing work on their personal computers, there should be policies around keeping work and personal data segregated, for example, not using personal Google, Microsoft or other personal accounts for company email, file storage and document creation.
Another policy to consider is requiring users to change their password regularly, for example, every three months. Passwords can be stolen and sold on the black market. Keeping passwords fresh puts you a step ahead of these criminals.
Even if you don’t have remote work policies in place, there are several ways you can mitigate risk in the short term. For example, at the outset of the pandemic, there was a big rush to enable remote access. In the process, many remote access solutions were misconfigured and regular patching may have been suspended. Now is a good time to review remote access configurations and get caught up on software patches.
In addition, these technologies can help you further mitigate risk:
Virtual Private Network (VPN): Unsecured network connections are flypaper for threat actors. To ensure data and communications security, it’s recommended to route all organizational network traffic for home-based workers through a VPN. In addition, all traffic should be encrypted in both directions, which can be accomplished by using SSL (Secure Sockets Layer) or IPsec (Internet Protocol Security).
Multi-factor authentication (MFA): Password-only authentication is so 20th Century. Threat actors have plenty of tools and methods to steal passwords without being detected. MFA requires one or more steps beyond the password to authenticate remote workers.
Company-issued devices allow for standardization of security features across your remote devices. A pool of company devices can be configured and managed remotely by your IT staff, including security features such as endpoint agents that help protect against malware.
Incident response plans are effective tools to organize a quick response to an attack or intrusion. Even with comprehensive policies and security measures in place, attacks and intrusions happen, and in the event of a ransomware attack, your files can be gone in an instant. Now is a good time to update or prepare an incident response plan. A good plan will save time, money and headaches if an attack does occur. If every stakeholder understands their role when responding to an incident, recovery will be much faster and more effective.
Develop a backup plan that covers all of your servers and workstations. For example, if faced with a ransomware attack, your recovery will be much faster, much easier and a lot less expensive if you can restore your files and keep your business operational. You’ll also avoid paying a ransom, which may or may not get your files back.
Vulnerability assessments and penetration testing are valuable for finding and prioritizing issues with your cybersecurity. With systems and configurations in flux, you may be thinking that now is not a good time to do an assessment. However, given that cyber criminals are using this time to scale out their efforts, the need for security assessments has never been greater.
Employees really want to do the right thing when it comes to data security. Give them a lift by being clear about security expectations and educating them on remote work and data security policies. For example, employees should be aware of the dangers of using unsecured public WiFi connections. And even though phishing attacks are not new, it’s important to continue to emphasize vigilance in handling emails, even those that appear to originate internally.
Working from home has quickly become a part of American work culture and is not going away. To get ahead of threats and manage risk, make a concerted effort to find and fix vulnerabilities associated with remote work.
IST is here to support you. These generalized guidelines are a good starting point for mitigating risk. For a deeper dive into risks specific to your environment, don’t hesitate to contact us. Some solutions may already be at your fingertips. Others may require some investigation. We’re here to help ensure your organization is secure from every angle.