The business repercussions of the coronavirus pandemic caught many organizations off guard last year. Forced to quickly transition employees to a work-from-home setup, employers were often ensnared by the security risks of a remote workforce. Security information site Cybersecurity Insiders describes the security challenges of working remotely and offers tips on how organizations can surmount them.
SEE: Working from home: How to get remote right (free PDF) (TechRepublic)
The “2021 State of Remote Work Security report” was produced by technology provider archTIS and its subsidiary Nucleus Cyber in collaboration with Cybersecurity Insiders. Based on a survey, the information in the report was derived from 289 security leaders and practitioners who are part of the Cybersecurity Insiders community.
Among the respondents, more than half said that over 75% of their employees now work remotely, compared with a year ago when the same number said that only 25% of employees worked remotely. A full 90% said they expect their organizations to continue to maintain a remote workforce. But 79% of those surveyed expressed concerns over the security risks of working remotely.
Asked to name the specific concerns about securing a remote workforce, 79% pointed to network access, 60% to BYOD and the use of personal devices, 56% to the difficulties in securing applications and 51% to the challenges of managing devices.
A remote workforce creates more endpoints that can be vulnerable to security breaches. Some of the potential risks cited when users connect remotely included exposure to malware and phishing attacks, the access of data by unmanaged endpoints, the auditing of employees working from unmanaged resources and ensuring compliance of regulated users.
Such a quick shift to remote working among so many employees has triggered additional concerns. Among those surveyed, 68% expressed fears about data being leaked through endpoints, 59% were worried about users connecting with unmanaged devices, 56% pointed to network access from outside the perimeter without proper anti-malware protection and 45% were concerned about maintaining compliance with regulatory requirements.
The survey also asked respondents to identify specific factors that make remote work less secure. The responses pointed to such items as users who mix personal and business tasks on their work laptops, home users being more susceptible to phishing attacks, the organization lacking visibility into remote workers operating outside the network and furloughed users posing an increased risk of data theft.
Of course, professional security and IT staffers do take the necessary steps to protect their remote endpoints. A majority of respondents said they use antivirus/anti-malware software, firewalls and VPNs to properly secure work-from-home environments. Most use multifactor authentication, endpoint detection and response and anti-phishing tools. Many also said they use password management, backup and recovery technologies, file encryption and single sign-on.
“As with any cybersecurity measure, there is no single silver bullet that will completely eliminate the many potential vulnerabilities of maintaining a remote workforce,” Cybersecurity Insiders CEO and founder Holger Schulze told TechRepublic. “That said, we do believe some of the following recommendations can go a long ways towards protecting your remote workforce and the sensitive data that resides within the corporate network.”
- Continuous training and education. Most large organizations will conduct episodic training and education for their workforce. But to make sure workers truly understand the various risks that come with remote work, you must deliver these programs on a continual basis. This is especially important in terms of phishing and ransomware attacks as threat actors always find novel ways to deceive their victims and impersonate trusted sources.
- Harden remote Wi-Fi connection points. Whether it’s through a phony free Wi-Fi hot spot at the airport or a home connection with a poorly secured or open router, a hacker of modest capabilities can easily steal a legitimate user’s credentials. Educating and training users on safe remote connection practices is essential, as is adopting a Zero Trust network model or network segmentation to limit the resources an unauthorized user might see.
- VPNs are a good start but not a cure-all. Used for almost two decades, VPNs provide an encrypted tunnel that securely connects a user to the network. However, VPNs can give a false sense of security to both the user and the organization as known vulnerabilities offer an attacker a way to piggyback onto the network without being detected. Zero Trust and software-defined perimeters are better ways to ensure that outside threat actors can’t see everything or escalate privileges on the network itself.
- Don’t forget about data security. Whether sensitive data is being extracted by a malicious threat actor or accidentally or intentionally leaked by an insider, protecting sensitive data is more difficult with so many workers logging in from remote locations. Invest in attribute-based access controls technologies that can enforce fine-grained security at the file level.
- Pay attention to third-party collaboration platforms. Applications like Microsoft Teams and Slack help keep us connected and productive. The organizations that use them often think they’re fully secure because they’re supported by large and well-funded vendors. But they’re as vulnerable as any other commercial application. You may never know that a remote worker’s credentials have been compromised until long after the sensitive data has left the network. A defense-in-depth approach that layers both network and file-level security tools is critical for protecting both your remote workers and your sensitive corporate assets.