Protecting Your Organization’s Remote Workforce from Cyber Attacks–by Unyime Ufok Ibekwe (Mrs)
The COVID-19 pandemic has brought great disruption and innovations to the way work is being carried out in different parts of the world. Many businesses and organizations have introduced the concept of work-from-home as a means of ensuring the safety of their employees. Organizations have deployed new digital solutions like collaboration tools, videoconferencing, document sharing solutions and other solutions for distributed access. While this new way of working is convenient and provides greater flexibility to employees and the businesses, it has however also expose remote workers and businesses to cybersecurity risk. Businesses have to make changes to support remote working thereby introducing newer risks, threats and vulnerabilities to the corporate threat landscape. Most of the corporate endpoints will now be exposed as they are no longer within the control of the IT unit, more servers will now be accessible from the internet and more applications will have to be moved to the cloud to support the distributed workforce.
Remote working is likely to continue even in post covid-19 and is not likely to end soon. A recent study by McKinsey Global Institute showed that 20 – 25% of workers in advanced economies are willing to continue working from home between three to five days in a week after the pandemic. Another survey carried out by Gartner revealed that 90% of leaders were willing to allow their employees to continue to work remotely even when the covid-19 pandemic is over. What this means is that a lot of organizations will have a kind of hybrid workplace where some of its workforce will have to work onsite while the others can choose to work remotely from home or anywhere. Organizations and employees should therefore adopt good cyber hygiene to ensure their safety from cyber-attacks while working remotely.
Remote Work Cybersecurity Risks
As remote working becomes prevalence, the attack surface for cyber attacks has also increased significantly with cyber criminals stepping up their games in terms of frequency and scope of attacks. A recent report by the FBI highlighted a 400% spike in cyber crime, indicating up to 4,000 hacks a day. Many businesses have also reported an increase in cyber-attacks since the beginning of the covid-19 pandemic. Here are some security risks associated with remote working.
Use of Personal Devices
Employees working from home are likely to use their personal devices such as laptops and mobile phones to access corporate data or carry out work related tasks. Most of these personal devices lack up-to-date security patches, anti-viruses and adequate security measures compared to corporate devices. Therefore, they become an entry point for cyber-attacks to the corporate network. For instance, it is possible for employees to accidentally download malwares into personal devices which can in turn compromise business data. Malwares and virus on employee’s personal device can be transferred to the corporate network in which they are connected to. There is also the risk of data breach, data loss and loss of confidentiality if employee’s personal device is stolen or family members have access to corporate information stored on those personal devices.
Collaboration tools
As a result of the pandemic, there have been heavy reliance on collaboration tools like Microsoft Teams, Zoom, Slack, Google Hangouts, Fuze, Lifesize Video Conferencing, and Skype for holding virtual meetings. Cyber criminals have been exploiting vulnerabilities in some of these tools to steal confidential data from remote workers. Sometimes uninvited members even gain access to virtual meetings which they were not invited because some of these tools use shared links, usernames and passwords for meetings. For example, Zoom apologized for the number of privacy issues and security risks found on its platform during the pandemic and promised to remediate all identified vulnerabilities.
File Sharing
Employees working from home will need to share sensitive data or files with their clients and colleagues through the internet. Sometimes this information are sent over insecure communication channels that can be easily intercepted by hackers. Information that is not encrypted is transmitted in clear text and can easily be sniffed by cyber criminals thereby leading to data leakage and ransomware attacks.
Phishing Attacks
The most common threats to remote workers during the pandemic is phishing attacks. The number of phishing emails getting to remote workers has increased significantly since the pandemic. According to info security magazine phishing emails have spike by over 600% since the work-from-home. Cyber criminals send out emails to trick users to disclose their personal information such as login credentials in order to hack into the employees’ account to steal information or commit fraud. They also embed malicious links and attachments on these emails which when clicked downloads malwares into the employee’s device therefore creating back doors that allow hackers to take control of the corporate network.
Insecure Network
A number of employees connect to corporate resources from their home Wi-Fi or public networks. These networks most times are insecure and lack appropriate security controls like strong passwords, anti-virus solutions, firewalls and intrusion prevention systems. Networks with poor security measures serves as a platform for hackers to intercept traffic going through that network. Hackers can obtain sensitive information like confidential data and login credentials from insecure network and use them to logon to the corporate network.
How can organizations and their remote workforce be protected from cyber attacks?
Below are some of the controls organizations and employees should put in place to ensure that they are protected from cyber-attacks when working remotely.
Trainings and Awareness
Every organization should have as part of its business strategy, cybersecurity trainings, awareness programs and policies to constantly educate employees on basic cybersecurity best practices. These trainings should also be incorporated as part of the on boarding process for new hires and should become a culture in the organization. Employees should be taught some basic cybersecurity hygiene for remote working like password protection, how to detect and respond to phishing emails, how to update antivirus on personal and work devices, how to identify social engineering tricks and other cyber-attacks. An ignorant employee can render the entire organization’s state-of-the-art technology controls useless by just clicking on a malicious link or an attachment embedded in a phishing mail thus resulting in the exposure of the entire corporate network to data theft, account compromise, privilege escalation or ransomware attacks. Phishing simulation test should be carried out frequently to measure effectiveness of the cybersecurity trainings and awareness.
Secure your home network and don’t use public networks
It is important to ensure that the home network is secure before connecting it to the corporate network to access resources. This is because data transmitted over an insecure network can easily be captured by cyber criminals for malicious purpose. Public Wi-Fi’s and networks should not be used to carry out work related task as they are most times insecure. Remote workers should follow the steps below to ensure the security of their home network.
- Change the default name (SSID) of your wireless router to something different.
- Change the default password on your router to a unique but complex password.
- Enable encryption on your router, it is advisable to use WPA2
- Specify the devices that are allowed to connect to your router by whitelisting their MAC addresses. This automatically blacklist any other device that is not on the list, as such rogue devices cannot connect to your router.
- Ensure that your router software and firewall is periodically updated and properly patched.
Tightens the security of your endpoints
Unmanaged endpoints pose one of the greatest threat to organizations cybersecurity. As more and more employees working remotely use their personal devices to access corporate resources, this in turn increases the chances of organizations’ exposure to cyber attacks. Employers should provide employees with anti-virus licenses for their personal devices since they are working for the organization from home. Otherwise, organizations should implement Enterprise Mobile Device Management (MDM) solution that enforces security policies and check compliance level of any device that attempts to connect to corporate resources. Workplace laptops should be configured in such a way that anti-virus and patches are automatically updated whenever they are connected to the internet. All drives on the work endpoints should be encrypted and USB drives blocked to prevent malware transfer from USB to the endpoint. Organizations should provide cloud-based document management platform where employees can share and store corporate files, so that employees do not need to store corporate information on their personal devices. This will prevent data breach or data loss in the event that the employee’s personal device is stolen or becomes faulty. Employees should always put a password on their work laptops and mobile devices to prevent family members or third party from accessing sensitive corporate information or documents.
Use Strong Authentication
One of the ways to minimize the risk of cyber attacks when working from home is to ensure the use of complex passwords across all your devices and ensure that the passwords are changed every three months. In addition to strong passwords, organizations should implement multi-factor authentication (MFA) on all its work endpoints and applications as this will provide additional level of security to the employees and the organization. Organizations should also deploy Identity and Access Management (IAM) solution to ensure that every employee is granted just the right access to only authorized enterprise assets. By this, the attack surface of the organization is drastically reduced. Ensure collaboration tools used for virtual meetings have end-to-end encryption and require passwords for entry.
Establish a Virtual Private Network
Accessing corporate resources directly from the internet is very risky and opens up the remote employee and the organization to cyber-attacks. Organizations should have Virtual Private Network (VPN) in place to ensure that their employees working remotely can access corporate resources securely. A VPN provides an encrypted tunnel to transmit data between the sender and the receiver. It adds further layer of security and privacy to the internet by ensuring that all traffic passing through the tunnel are encrypted and protected from cyber-attacks.
Improve on Monitoring
As organizations shift to working remotely and onsite, there is need for their security team to have visibility across all endpoints that access the organization’s network, data and applications. There should be in place solutions that provide a single view of all activities across the network. This will provide real time awareness of all connections to the corporate resources and enable quick detection and response to threats that may be seen on the network.
Unyime Ufok Ibekwe (Mrs) is Cybersecurity Professional with sound and tested knowledge of her chosen professional field
|
|
