IATAM raised the alarm about potential cybersecurity failures in the wake of coronavirus lockdowns in mid-March, and has found that its prophecy has been fulfilled a bit more accurately than it had hoped.
SEE: Coronavirus: Critical IT policies and tools every business needs (TechRepublic Premium)
“We anticipated that things would get bad. Companies and agencies may be hoping and praying they are safe, but the work-from-home environment has created a multitude of opportunities for leaks,” IATAM President Dr. Barbara Rembiesa said in a statement. “Too many organizations have left themselves wide open for attack. Understanding the pathways for access within a company’s data network is a valuable lens for businesses and agencies to avert leaking their own assets.”
IATAM has found that COVID-19 breach risks fall into one of four categories:
Assets are being purposely left unsecured
Several examples of purposefully making devices less secure to simplify remote work were cited by IATAM.
“One example would involve removing admin permissions so that employees can complete the task without administrator oversight. Another would be allowing the use of “unpatched” business computers that allow hackers to load malicious files with admin privileges. In some cases, companies with high-end virtual private networks (VPNs) pre-loaded on business computers are allowing people to work from home on personal devices either with no VPN or with a lower-end virtual private network that may be less hacker resistant,” IATAM said in a statement.
Rapid addition of new hardware leaves little time for security
The shift to so many people working at home has meant many organizations are struggling to fill IT asset gaps. This has led to rapid purchasing of a high volume of machines and little time for IT teams to prepare them or train workers on proper security while out of the office.
“The more corporate assets that you have, the higher risk of intrusion. Each asset becomes a doorway or entry point for a breach, particularly when it (or its user) is underprepared,” IATAM reported.
Assets on home networks are fundamentally less secure
Many businesses reacted quickly to stay-at-home orders. If unprepared, their technology has no chance to adapt as quickly, leaving many people working from home under less-than-ideal security conditions.
“Many company devices were deployed into a work-from-home situation quickly, leaving little time to ensure that they would be secure via a virtual private network or other means,” IATAM said.
Unprepared users are making mistakes
The dominoes set up by the previous three problems become easy to topple when users aren’t trained or prepared for online threats.
“These phishing attempts were disguised as appeals for help, disinformation campaigns, or new information about COVID-19, to gain login credentials or install malicious software. This is a prime example of how an employee could unwittingly invite in an intrusion.”
How to protect data in the hands of remote workers
Companies with mature cybersecurity plans, Rembiesa said, should already have provisions in place to address contingencies like mass work-from-home orders. Unfortunately for those that don’t, there’s quite a bit of work to be done, and it’s going to have to be done remotely.
Rembiesa has several tips for businesses busily working to secure their data during the COVID-19 pandemic:
- Make sure remote workers have access to a VPN, and ensure they’re using it to work with sensitive information
- Enable remote wipe of computers that are compromised or stolen
- Help users learn how to assess their home network’s security and protect it going forward
- Make sure users know how to treat sensitive data and what their responsibilities are when working remotely.
- Train employees on data privacy laws like GDPR and HIPAA.
Data security is a fight that both IT and users have to be invested in together. Training, combined with good asset management, is the only way to ensure businesses get through COVID-19 without becoming another security statistic.