While working from home is the safest way to make sure you avoid the coronavirus, the same can’t be said for the safety of your data, or your company’s online security systems. The sudden surge in remote work all over the world has left networks, servers, and cloud services more vulnerable than ever, and it presents a challenging new frontier for cybersecurity experts to explore.
The BBC reports that “With one in three UK workers currently based exclusively at home, this remote working on a vast scale continues to be a major headache for the IT security bosses of companies large and small around the world. And studies show that many firms are not taking the issue as seriously as they should. For example, one in five UK home workers has received no training on cyber-security, according to a recent survey by legal firm Hayes Connor Solicitors.”
Hackers have used this new reality effectively from day one. From phishing emails that claim to be from the company’s service department have fooled remote workers to WhatsApp money scams and ransomware, cybersecurity firms are seeing increases across the board.
And for employees who were forced to quickly hack together work from home systems with little support or warning, many are completely unaware that they are such a vulnerability to their employers.
“You have a much bigger attack surface; not necessarily because you have more employees, but because they're all in different locations, operating from different networks, not working with the organization's perimeter network on multiple types of devices,” explains Shimon Oren of Deep Instinct in an article on ZDNet.
Of course, it’s not just malicious hacking that is causing problems. Employees often leave their devices sitting around open in public places, they share devices with other people or lose them altogether, and that opens up all sorts of vulnerabilities to a company’s data. This is the stuff of nightmares for cybersecurity practitioners, and it’s very hard to plan for these kinds of issues.
So how should you approach cyber-security in this remote environment?
- Training is key. Your staff needs to educated about the risks and what they should be looking out for.
- Regular backing up of networks is important and will help your organization to bounce back from any malware attacks if and when they happen.
- Multi-factor authentication is also a useful second layer of protection to have when employees are tricked into giving over their passwords or login details.
- Network segmentation may also be necessary so that all your vital assets are not accessible at the same time and via the same route.
Remote work is fast becoming the new normal and you need to be managing your risk accordingly. 2|SEC has the experience and expertise to help you manage the transition and keep your networks as secure as they were when everyone worked under the same roof.