COVID-19 has affected almost every business in 2020, forcing companies to send some, most, or all of their employees to work from home under the COVID-19 shutdown mandate. The hasty transition from on-premises to off-premises work has all but thrown out the company’s IT playbook, and the security of employees’ home offices was initially overlooked and remains sorely lacking.
IT staff now have to deal with a workforce operating on home networks alongside an array of vulnerable consumer-level products such as unsecured Wi-Fi networks, mobile phones, wireless cameras, home cable routers, smart TVs and more.
The existence of vulnerable products on home networks has exponentially increased the cyber attack surface, enabling cyber attackers, already skilled in targeting both new and old vulnerabilities in consumer Internet of Things (IoT) products, to successfully attack and invade.
The main strategy for cyber attacks is to infiltrate and control a computer or network device on one of the employees’ home networks, and to use that as the main gateway into a company’s IT assets. Hackers will then launch their full arsenal of malware, botnets, ransomware and keyloggers, and steal and/or corrupt the business’ financial data.
BitSight, a Security Rating company, recently reported that home office networks are 3.5X more likely than corporate networks to be infected by malware.
A recent Gartner survey found that 74 percent of companies that sent workers home had planned to have a portion of that workforce remain working from their remote home offices indefinitely.
It appears that this work-from-home way of business life is not a short-term affair, and many businesses intend to continue to utilize off-premises staff, to some degree, in the future.
With this newly expanded attack surface offered by work-from-home (WFH) networks, it is critical to deploy measures to prevent hackers from gaining entry into business assets. This article will present seven strategies that can help businesses to mitigate these new risks and ensure that the remote work-from-home networks will be as secure as on-premises networks.
7 Best Work-From-Home Security Practices for Businesses
The shift to working remotely occurred quickly and has opened a significantly large attack surface for cyber attackers to target, but by implementing some best security practices, these challenges can be addressed.
1. Employee Education
Train employees continuously on the latest malware threats and phishing attacks. They need to know how to react and respond when confronted with a threat. The sudden rush to a working-from-home scenario has pushed employee training to the back burner, which is a mistake since your employees are your front line of defense.
2. Assess and Upgrade the Work-from-Home (WFH) Hardware
Perform an evaluation of any current remote hardware that is not directly under the company’s IT control, to identify and upgrade any network router firmware or equipment that needs patching to the latest versions. Typical hacks exploit vulnerabilities in older firmware, unpatched operating system software, and known configuration bugs, all of which need to be reviewed and updated. Examine the configuration of all network-attached devices such as network-attached storage, printers, wireless cameras, Wi-Fi networks and more.
3. Secure Remote Connections
Typically, the home offices of management and mission-critical employees are equipped with an enterprise-grade firewall instead of a consumer-level firewall to ensure the company’s data stays secure. Identify these employees and install the appropriate network hardware to secure their access ASAP, since they access the most important data in the company, including intellectual property and financial data.
Ensure that the rest of your remote workforce communicates with the main office location securely by using Virtual Private Network (VPN) clients on each employee’s business workstation. The VPN software will help isolate the employee’s workstation from vulnerable home-based network devices.
4. Inventory the Business Applications
Identify the critical business applications as well as all non-critical business applications and which employees access them. Test the remote access methods of utilizing these applications and ensure the user permissions and their VPN connectivity are operational. Typical IT issues include login or configuration issues causing lost productivity.
For cloud-based software-as-a-service (SaaS) applications, contact your vendors and request their business-continuity plans. When possible, test their failover operation with your applications so that when a problem occurs, your business will have a tested plan to get back to work.
5. Monitor the Network
Perimeter-based network security appliances such as Unified Threat Management (UTM) appliances accomplish a high level of security by guarding a network and its security perimeter. A UTM can monitor network traffic to identify anomalies, filter and examine suspicious traffic, log users’ website access and block potentially dangerous cyber attack attempts.
Upon detecting a suspected breach, security measures are deployed immediately to start thwarting the cyber attack attempt and to notify the IT staff. Seconds matter in defending a company network from cyber attacks that could cost the company in terms of productivity, credibility with clients and heavy financial losses.
6. Move to Zero Trust Security Model
Zero trust security requires strict identity verification of every person and device trying to access resources on a private network, not trusting anyone by default, regardless of whether they are sitting within or outside of the network perimeter.
Zero trust security is an approach that utilizes several security measures to accomplish this higher level of security. This type of security is especially valuable for companies utilizing cloud-based applications.
7. Business Continuity Plan (BCP) / Disaster Recovery Plan (DRP)
Mercer’s ‘Business Responses to the COVID-19 Outbreak’ survey results, released in March 2020, share insights from over 300 companies from 37 countries and found that 27.2 percent of companies do not have a business continuity plan (BCP) in place at all and are not developing one.
Time is of the essence for an IT staff responding to an IT downtime or disaster event when managing numerous remote offices and an on-premises office. Every minute a company is cut off from its data or IT assets costs the company.
An analysis of your business processes along with identifying the critical data, applications and users will help in creating a plan on how to react in times of various threats, whether they are environmental, theft, cyber attack based, hardware or software based. Many of the practices discussed in this article will be generating data that will be used in the creation of your BCP and DRP plans.
Every business needs a plan for how to react to and recover from a downtime or disaster event, and to resume business as soon as possible in order to survive.
The New Normal – Adapt Now and Prosper
With the occurrence of COVID-19, businesses have rushed to transition to a work-from-home workforce to ensure their businesses survive. Remote IT management is continuing to evolve to securely protect the vast number of remote employee offices against the ever-evolving cyberthreats that are emerging daily.
This WFH transition is likely to be the norm through 2021 and longer. It is about adapting to the “New Normal” to survive and prosper! Cyber attackers are using every tool in the box to get a foothold into company networks and to attack. Are you ready for this New Normal?
Article by Paul Garrison, Founder of Crescent IT Systems
Crescent IT Systems has been providing stress-free IT support for its clients for over 25 years with our experienced consultants.