By now, organizations are realizing that the months of working from home (WFH) during the pandemic have introduced a whole new set of security liabilities and upended how IT has handled network security and employee vulnerabilities.
The sudden push to move the workforce from the office to the home has put employees at greater risk of cybercrime, since many homes are not properly protected. The WFH trend has introduced more risk and cybercrime potential than organizations have ever planned for, according to security firm ADT.
Ron Culler, senior director of technology and solutions for ADT Cybersecurity, identifies some cybersecurity trends organizations should be aware of now that the network perimeter has been extended.
Greater dependence on machine learning and artificial intelligence in new ways
This exploded perimeter—or the need for companies to protect themselves outside the traditional office walls—also requires the use of machine learning (ML) and artificial intelligence (AI) to sift through the volumes of data that are generated every day, Culler said. Systems are having to relearn traffic pattern behaviors in addition to monitoring external influences on the rise in WFH networks.
“With a wider, more open network perimeter and computing environment, businesses need the ability to monitor this new influx of data points,” he said. “AI/ML provides something that traditional rule-based security information and event management systems (SIEMs) don’t provide: The ability to learn the environment as they are stood up.”
Traditional rule-based SIEMs have to be manually configured and tuned for every new input source they receive, Culler explained. AI/ML systems are typically able to learn the environment and determine what is and isn’t normal based on that learning.
“WFH environments introduce many more variables than the traditional office environment, so businesses and security professionals need the tools to be able to rapidly analyze these new data points and determine if they are a threat. AI/ML provides those abilities.”
Cybercriminals are continuing to prey on consumers
The FTC, FCC, and FBI have all warned of the increase in online scams and hoaxes, text message and social media campaigns, and robocalls that prey on virus-related fears and purport to offer free home testing kits, bogus cures, health insurance policies, etc.
Consumers must remain vigilant in identifying these scams, as they don’t know where, when, or how they’ll be targeted, Culler advised.
Priorities and budgets should be adjusted
Because companies need to continue embracing a remote work environment, the key areas of focus for them, their IT departments, and remote employees should now be:
- endpoint management (both company-owned and BYOD)
- endpoint detection and response
- VPN security
- cloud security
- cyber event detection and response
Deploy smaller corporate devices with a dedicated internet connection
With WFH becoming the new standard for employees around the world, organizations must deploy smaller security appliances such as unified threat management devices and firewalls to the new perimeter to regain the control and visibility they once had within their corporate walls, he said.
While most large and medium-sized businesses already had something in place, it was typically for specific workloads such as sales, Culler maintained.
“Businesses are now running into issues as they attempt to rapidly scale without impacting performance—and this is all while trying to adapt to new workload requirements brought on by the pandemic,” he said. “Before the pandemic, SMBs only had a handful of users working remotely, and they often lacked the level of security needed to support a larger group of remote employees.”
As a business rapidly expands its remote workforce, the problems and strains that go along with supporting remote work also expand, he said.
Deploying these devices to WFH environments should be done to re-establish the perimeter that existed when employees were physically in the office, Culler said.
“It’s no different than using a company-owned laptop or phone behind a corporate firewall,” he said. “Where things are different is in the implementation: Corporate devices can be deployed with a dedicated internet connection.”
This allows companies to control the WFH connectivity without interfering with or affecting an employee’s home internet services, Culler said. Deployment can also occur behind the employee’s existing home router through a demilitarized zone (DMZ) pass-through, so only WFH devices would be behind the firewall, he said. A DMZ is a protected and monitored network that adds an extra layer of security to an organization’s local area network.
However, “In terms of being used as a replacement for the customer home router, this option is one of the most problematic solutions from a privacy and functionality standpoint. I wouldn’t expect businesses to widely use that option.”