Oct. 1, 2020 (Courtesy of the Jacksonville Business Journal)
For years it was common for employees to check in on work from home by logging into their email occasionally on the weekend or attend meetings via videoconference if they had to stay home to care for a sick child. Now, remote work is pervasive. Many companies are choosing to let their employees work remote into 2021. And Human Resource Executive reports that when the world moves to a “post-pandemic” state, the vast majority of company leaders plan to allow employees to continue to work remotely at least part of the time.
With remote work as a norm for the foreseeable future, the work-from-home crowd is a prime business opportunity for cyber criminals. Employees who work remotely are connecting to their employer’s networks from their home networks, which are more vulnerable than an office network that’s protected by sophisticated hardware, software and network infrastructure. Your employees home networks may also be connected to smart-refrigerators, kids’ video game systems and smart TVs that access the internet.
“Companies that want to protect themselves from ransomware, malware, data breaches and phishing attacks need to extend their network security protocols into the remote environment”, said Doug Goodall, managing director of Emtec Inc., a Jacksonville-based information technology consulting firm.
A mitigation plan should consider that not all employees are the same in terms of access requirements or security. For example, a human resources professional would need access to employee records but wouldn’t need access to an entire sales database that resides in the cloud.
“Cyber criminals will be targeting remote workforces. We advise companies to not take anything for granted. They should identify what their new cyber risks are and take steps to mitigate them.”
Security experts at Emtec recommend three critical actions companies can take so employees can work safely and effectively off-site for the long-term.
1. Evaluate your threat surfaceUnderstanding that there are more opportunities for hackers to breach your employees’ home networks, an evaluation of the new environment and threat surface will help an organization determine what additional access, resources and security measures are needed. An evaluation should include the identification of all company assets and connecting points along with an assessment of the potential risks associated with each asset. The act of shifting employees to work remotely and moving connected assets outside the company firewall to a home environment changes a company’s threat surface significantly.
Once an evaluation is complete, IT teams should take the necessary steps to secure all company assets. Note that employee home network scenarios are all different and may not be updated regularly. Cyber tools may need to be extended into the home network to protect workers. Virtual private networks, for example, can add a layer of protection the employees likely don’t have.
Once the right cyber protections are identified, companies should also assess which workers are performing data-critical functions and make sure they are uniquely protected. “A person’s access makes a material difference to the security of the company,” said Colwyn Warner, vice president of strategic client solutions at Emtec. “A hacker could access an employee’s email in accounts payable and send what looks like an invoice from a legitimate company. Without the proper cyber protocols that employee could click on something that would trigger a wire transfer to a hacker’s site.”
2. Schedule regular cyber audits
Every day, cyber criminals are finding new ways to infiltrate computer networks. They now use sophisticated tools like artificial intelligence to accelerate their attacks and make them undetectable.
With new vulnerabilities routinely surfacing, ongoing technology audits are essential for organizations to determine if their risk has changed over time. Potential risk examples include validating if home Wi-Fi networks are secure, if anti-virus software and firewalls are up to date, whether connections are secure, and if remote security protocols like two-factor authentication are proving effective.
“These audits aren’t a trivial activity. There are so many different internet providers and a myriad of different devices and generations of devices,” Warner said. “Any vulnerabilities, once uncovered, need to be evaluated and ranked to determine if a gap is a minor issue or a vulnerability that poses a significant risk of potential damage to the business.”
New vulnerabilities surface every day, so regular audits of both the company network and employees home cyber environments to identify gaps that need to be remediated is critical to keep data safe.
3. Employ active threat monitoring
Active threat monitoring enables an IT team to have a continuous view into the activities employees are completing on the network. This activity is key to determining if you may have already been breached but not yet exploited, reducing any potential damages caused.
Keason Drawdy, a senior cybersecurity solutions consultant at Emtec, said there are a variety of different monitoring tools companies can choose from, but cautioned that technology alone can’t protect a company. While artificial intelligence – designed to perform monitoring functions quickly and efficiently – is becoming more popular, it can’t be the sole technique utilized to keep the network safe.
“Organizations should not rely on alerts alone. For threat monitoring to be successful, it has to rely, to some degree, on a human element,” Drawdy said. “The intelligence gained from the tool needs to have a human being involved to analyze and make decisions to address potential risks. If not, it will be quite ineffective and potentially catastrophic.”
It is also important for organizations to institute proper processes, responsibilities and procedures for how threats will be monitored and remediated to ensure that threat monitoring is in fact “active” and monitored 24/7.
“Small and medium-sized businesses often don’t have the resources on staff or the security expertise to extend their technology protections into the remote environment on a large scale”, Goodall said. “This is where it really makes sense to partner with a technology firm that can educate on best practices and help guide them through the noise to both protect themselves and empower their employees during this new reality.”
Emtec, headquartered in Jacksonville FL, provides a full suite of cybersecurity services to keep predators out of your network and thwart both internal and external threats that infiltrate.