For most employees, working from home has been a big dream that came to reality at the start of 2020 when coronavirus became a pandemic in many countries. Coronavirus causes COVID-19 disease, and it is highly transmittable. The outbreak has wreaked havoc in the affected nations, as the total infections currently stand at over 2 million cases, while deaths have already surpassed the 150,000th mark. The virus spreads once a healthy person touches a contaminated surface or through mouth droplets from an infected person. Due to its rapid spread, governments around the world have enforced total lockdowns to prevent it from spreading further.
On the other hand, business operations must continue, and this has seen most organizations require staff to work from the safety of their homes. Before the entrance of the virus, approximately 7% of the American population, which translates to 9.8 million people, worked from home. This number has increased exponentially since all companies are encouraging working remotely. Although scientists are working round the clock to develop a vaccine, the reality is most people might continue getting their jobs done at home. Organizations have realigned their operations to support remote work, and this might prolong once the pandemic is over. In light of this, understanding the top ways to prevent cyber risks when working from home can save enterprises plenty of security incidences.
Prevalent cyber risks when working remotely
1. Insecure remote working setups
The remote working setups for some employees may be highly insecure. Homeworking requires users to have computing devices and networks to access business applications and data remotely. However, the absence of security tools and controls such as firewalls, IDS, updated antivirus, among others, can cause security issues. The security measures are a necessity, yet they may be inaccessible to most remote users. As a result, the lack of security solutions exposes various cyber risks to a business and might cause attacks and severe breaches.
2. Employees use multiple devices
It is common for employees to use several devices like smartphones and laptops when working remotely. This practice complicates the deployed controls for protecting data since each device represents a potential entry point. Shared use between family and friends increases cyber risks. Moreover, prioritizing the use of personal devices with lesser security functions and features over company-issued devices is common. Unfortunately, the trend threatens the integrity, confidentiality, and availability of stored information since there might be instances of unauthorized access, modification, or deletion.
3. Sharing information using insecure networks
Office setups ensure to provide employees with secure intranets and communication infrastructure to facilitate secure information exchange. Remote working contrasts since users must communicate through their personal and less secure networks. Some may disregard the need for using encryptions and VPNs when communicating critical information. Attackers lurking in the network may exploit the opportunities to launch attacks. Such communication channels increase cybersecurity risks. They might be easily compromised, allowing adversaries to intercept and eavesdrop confidential information.
4. Logistical challenges
Employees working from home require consistent IT support to resolve technological and security problems. However, in the current state, where countries have enforced lockdowns to minimize the spread of COVID-19, organizations may be challenged to provide the needed support. Travel restrictions may prevent them from providing physical assistance. Most employees lack the capacity and experience to handle security issues, thus leaving company resources exposed to attacks.
5. Insecure endpoints
Most companies have deployed endpoint detection and response systems. The systems actively monitor endpoints connected to the corporate network to detect and prevent adverse security events. Endpoints include any device used to access network resources, and a leading cyber-attack vector. Almost zero employees implement such systems in their home networks or devices. On the other hand, IT security staff might be unable to monitor personal devices that don’t connect to the organization’s network. Cyber adversaries might utilize the opportunities to plant malware, providing them with full privileges to the networks and systems.
6. VPN manipulation
Virtual Private Networks (VPNs) are currently the lifeline for most enterprises. They extend encrypted networks to employee homes since they provide tunneled and encrypted connections. Despite this, many personal and home networks already contain compromised hardware or malware infections. Hackers can, therefore, use them to stage attacks through computers running VPN termini. Compromised computer identity can enable the attackers to piggyback through an active VPN, thus bypassing integrity checkers and implemented authentications. Some VPN providers may also fail to use secure encryption, thus providing vulnerable VPN services.
7. Unpatched applications
Unpatched applications and devices are highly vulnerable to attacks. Numerous companies have automated patching systems that download and install security patches immediately they are available. Most employees go for long without updating their applications or devices, providing hackers with exploitable vulnerabilities for launching attacks. Using them for work reasons introduces significant risks to organizational systems and networks. Also, IoT has increased, causing an upsurge of new products. Vendors may rush to create products without following necessary security guidelines. Worse still, some fail to provide timely updates to address emerging security concerns.
Tips for avoiding cyber risks
1. Understand threats to the organization
Business leaders, including the C-Suite, must fully understand the security threats facing their organizations. Work from home introduces threats from different dimensions, and it is essential to understand them all. As such, they should work with security teams to establish the most prevalent threats. This practice should include the value of threatened assets to inform the mitigation priorities. Also, identifying the risks should focus on identifying possible vectors manifested through work from home requirements. Subsequently, a company can know which controls and security tools to deploy to protect the most sensitive business data as well as critical applications.
2. Develop proper guidance and communication
The emergence of COVID-19 caught most organizations unaware. Due to imposed lockdowns, they had to quickly devise how employees can work from home without compromising security perimeters. Yet, most don’t have established policies that stipulate work from home guidelines and security requirements. Businesses must hence ensure to develop and document clear home working policies. They should include easy to understand procedures to ensure employees fully comply. The work from home policies should also contain information on how employees can handle insecurity occurrences, including the security teams to contact. Most importantly, remote working policies are necessary for ensuring businesses comply with regulations such as HIPPA.
3. Deploy required security capabilities
Enterprises should ascertain all devices they own and manage have strong security capabilities. The capabilities protect the organizations by identifying possible threats and warding off attackers. The same best cybersecurity practices adopted within a company should extend to all remote employee environments. Among others, such critical capabilities include:
- Providing secure connections to critical on-premise and cloud applications and data. For instance, they should apply to video conferencing software as they are increasingly relevant in remote environments.
- Provide endpoint protection and detection capabilities in all mobile devices and laptops. These include strong encryptions and VPN tools.
- Be capable of providing multi-factor authentications to ensure only the correct and legitimate users can access secured information.
- Provide employees with capabilities to block malware, command and control traffic, and exploits. Automated real-time intelligence tools can assist in achieving this.
- Provide security tools capable of filtering malicious URLs and conduct DNS sink holding to deter frequent spear-phishing attacks
4. Maintain effective password hygiene
Passwords provide strong defenses and are easy to create and use. Organizations often depend on strong passwords to keep their systems and networks secure. However, many users fail to observe proper password hygiene, thus exposing their companies to multiple security risks. Working from home approaches must emphasize on the need for password hygiene since they introduce many vulnerabilities. It entails ensuring the creation of strong passwords using a combination of letters, symbols, and numbers. Employees should further frequently change their passwords. Hackers use brute-force and password stuffing attacks to crack passwords, and replacing them lowers the possibility of the attacks being successful. Besides, employees must use secure means to share passwords. These include using encrypted messages.
5. Regular system and software update
The need for regular updates to systems and software cannot is quite essential. New viruses and vulnerabilities facilitate attacks daily, and this poses risks to unpatched software and systems. Employees with remote access to vital infrastructure and data should consider checking for new updates every day to ensure they have the latest security patches. Where possible, enterprises should provide their workforce with the necessary updates to ensure they use secure devices. Individual users should consider turning on the automatic update option, which is usually available in most software and operating systems. They should turn on the option in personal devices as well as those that are company-issued. Employees should avoid using computers that lack the latest updates to protect against attacks.
6. Secure the Wi-Fi access points
Wi-Fi access points are hot spots for network intrusions and malware delivery. Wi-Fi access points are any devices used to create a wireless network, generally by connecting to a wired switch, router, or a hub through an ethernet cable. They usually provide internet access. All wireless clients use access points as the interface for sharing information. They are used to transmit sensitive information. Securing the access points involves changing the default configurations to more secure ones, applying security options such as WPA-PSK encryption, among others.
7. Encourage use of VPNs
Work from home involves using remote access to essential information, either through video conferencing or accessing company servers remotely. Employees may lack security tools like firewalls needed to filter malicious connections from their home networks. VPNs provide secure connectivity by tunneling and encrypting network connections. This assists in creating trusted online links between staff and their companies. Some corporate VPNs offer advanced features such as protection against malware and phishing attacks. Encouraging the use of VPNs in work from home approaches can secure against significant cyber risks.
8. Prioritize education awareness
Cybersecurity education and awareness has been, and remains to be, an acclaimed method for reducing cybercrimes. The strategy provides employees with the necessary knowledge and skillset for secure information access and usage. It also equips relevant skills used to identify adverse security events, manage them, and report them. Organizations need to provide employees with revised cybersecurity education and training, with the focus being how to work remotely but securely. For instance, it should educate employees about the evolving phishing scams and online fraud. Scammers nowadays use information related to COVID-19 to scam people since it is an already viral topic, meaning the increased possibility of victims falling for it. It should also include best practices for safe remote access by creating awareness on the usage of tools like VPNs.
9. Don’t mix work with personal matters
Individuals working from home should avoid using work devices for other reasons other than work purposes. Personal usage, such as accessing social media or movie websites, is ill-advised since it is one way of inviting malicious cyber actors. Also, a work environment does not support security procedures like real-time monitoring for security incidents. Using a work device for personal engagements means malware infections might go undetected. Accessing organizational resources using the same tools might transfer malware infections to corporate networks and systems. It can enable data breaches, exfiltration, or ransomware attacks. To prevent this, employees should avoid installing a service on a work device or use it for personal matters if such actions are against the acceptable uses.
10. Secure video conferencing tools
Video conferencing is the backbone of most communication processes when working from home. It provides the infrastructure for holding group meetings, client discussions, among others. Remote workers rely on conferencing tools capabilities to transmit highly sensitive data, and hence necessary to observe the required security measures. When video conferencing, employees should avoid sharing confidential information as much as possible. Users should remove any background with sensitive data from a camera’s scrutiny. Also, mitigation measures should be identified and implemented before a video meeting. Controlling access is also a significant security measure. Users invited to a video meeting should have a password to authenticate them to prevent the disclosure of sensitive data to unauthorized parties.
11. Multi-factor authentication
Multi-factor authentication is a necessity for improved security and access control. Remote working makes it almost impossible to authenticate users with remote access to essential IT assets and information. Anyone with a password can have unlimited system access and steal or modify data at will. Multi-factor authentications provide controlled access by ascertaining a user is who he claims. It requires an employee to give a unique authentication item, such as a biometric or code, before granting access. The system requests the second level of authentication despite a user having a correct password and username. Businesses should consider implementing MFA in all their systems to have tighter control of who accesses what, thus ensuring integrity and confidentiality of critical assets and information.
12. Encrypted communication
Organizations have the prerogative of ensuring the implementation of encrypted communication mediums and channels. Employees should only be able to access information and business applications through recommended encryptions such as SSL and IPSec VPNs. The channels are necessary since they provide end to end encryption, thus preventing attacks such as man-in-the-middle and eavesdropping. Encryption assures of data CIA since it is inaccessible even if the network or mode of transmission has is compromised. Encryption also ensures only authorized personnel can access the data as it requires a correct decryption key.
13. Avail adequate IT support
Employees should have sufficient access to IT and security support when working from home. Most have little knowledge of dealing with arising IT problems and security events, and this poses a danger to an entire company. Consistent IT support guides how to resolve minor IT mishaps, thus preventing instances of downtime. In severe cases, a business should have in place a response team to provide the required assistance for resolving security and IT problems. Therefore, business leaders should consider allocating enough resources for catering for both remote assistance and on-site help where support experts must be physically present.
14. Update incident response policies
Incident response policies should be updated to reflect the changing work environment. Most companies maintain their plans to respond to on-site security events, with little or zero focus to remote working. Given the current circumstances, it is instrumental in developing and maintaining an incident response plan centered on responding to personal attacks and data breaches. Also, organizations should train employees on their specific roles in implementing the plan, and the organization to conduct a simulation of rolling it out.
15. Avoid free networks and internets
It is common for individuals to connect to public Wi-Fi hotspots to utilize the free internet. However, hackers can easily snoop the traffic communicated through the network, while advanced actors can hijack the whole connection. Using the networks to access organizational resources invites hackers to infect systems and networks with data exfiltration malware, spyware, trojans, and viruses. If public networks are the only available internet sources, then employees must use a reliable VPN and ensure all communicated information has strong encryptions.
16. Observe strong physical security
Physical security entails implementing measures to curb device theft or unauthorized physical access to a computer’s contents. To achieve this, employees must ensure to store their work devices safely to prevent loss or theft. Stolen devices might contain sensitive information, and this can easily find their way to the black market. Also, a malicious individual might be plotting on how to physically access data stored on a computer. Implementing measures such as strong passwords ensures the prevention of such plots.
17. Install antivirus and antimalware tools
Antivirus and antimalware software are vital in detecting and removing viruses. Most operating systems come with their inbuilt antivirus software, which contains a database with common virus signatures. Once a malicious actor introduces a virus to the system, the antivirus matches its signature with the database. It provides an alert once there is a match. For this to be effective, employees must always download new security definitions and updates once they are available. Where possible, users should consider more intelligent antivirus solution to ensure the detection of all malware types.
18. Observe a clear desk policy
Although working from home does not pose serious threats of malicious employees or individuals, it is always essential to leave a clear desk. A clear desk policy simply means clearing any information and paper trail that can threaten information CIA if accessed by the wrong person. Such include written passwords or paper documents holding critical data. For instance, a well-intentioned person may come across a written password for a device and use it to gain access for personal use. This action might lead to security incidences if the user visits a phishing website or disables some security configurations. Employees must ensure to clear their desks every time they leave their workspace.
169 Avoid sharing URLs for virtual meetings
Virtual meetings are the norm in work from home environments. Employees should avoid sharing the URLs of scheduled virtual meetings in public places such as social media and other open platforms. Publicly shared conference IDs allow unauthorized individuals to access private meetings, which contradicts the very essence of privacy. It might cause information leakages, and this violates various compliance regulations. Besides, unauthorized access could result in compromised business strategies, insecurity, and loss of highly sensitive information.
20. Log off once done
Employees must ensure to log off from their devices every time they leave their workspaces. This practice prevents unauthorized access to their computers, further safeguarding the stored or access information. Logging off also prevents the devices from theft and instances of unauthorized use. Most devices support a log-off timer, where they can automatically lockdown after a period of idleness. Employees should utilize such functionalities and set the periods to be at most two minutes. As such, they can automatically lock even if the user takes only a short break. Preventing unauthorized access can protect from a myriad of security problems, thus ensuring the security and CIA of data and connected devices.
I am a cyber security professional with a passion for delivering proactive strategies for day to day operational challenges. I am excited to be working with leading cyber security teams and professionals on projects that involve machine learning & AI solutions to solve the cyberspace menace and cut through inefficiency that plague today’s business environments.