Security and its Place in a Remote Working Era

Security and its Place in a Remote Working Era

·

7 min read

Cybersecurity | Remote Work

How to Ensure Remote Work Security in the Post-COVID Era

CC 4.0

While most employees nowadays work in a hybrid environment, the possibility of working remotely has presented luxuries in the past, such as working from abroad for extended periods. Employees who work remotely require remote work security because of different scenarios, such as:

  • Working from home (WFH),
  • Traveling for business, or
  • Working in any location outside the company’s offices (e.g., café or co-working space).

For cybersecurity teams, this new reality brings more threats to be tackled. As a result, they must make sure their security strategies change and adapt to the threat landscape.

Security Risks of Remote Working

Traditional IT security approaches have long been perimeter-based, so they are concerned about what happens inside the office and the corporate infra. However, when users work remotely — performing their job duties from remote locations, the potential security threats rise.

The main problem is that — people are accessing corporate data and systems from outside the corporate perimeter. All the previous perimeter-based measures would not be adequate against such dynamics. Let’s consider remote work security risk factors. We can separate them into:

  • Network risk
  • User risk
  • Device Risk

Network Risk

Work from home or anywhere but the office, meaning employees could connect to the corporate accounts via the home WiFi network or, worse, using unsecured public WiFi (like free WiFi in cafes). However, this introduces a new attack surface for malicious actors to spy on the connection and harvest confidential information. For example, data sent via an unencrypted WiFi network might be intercepted and stolen by someone nearby.

Many organizations raced to prop up overloaded remote access and virtual private network (VPN) environments to support a small percentage of the workforce. Then, suddenly, 100 percent of users were working remotely, and everyone required access to the tools and information they needed to keep the business up and running.

However, VPN appliances aren’t scalable to meet the needs of today’s digital and agile environment, in which reliable access anywhere is required. Moreover, because a VPN provides access to an organization’s entire network, it introduces a vast security gap that can be exploited if a threat actor gains user credentials access.

User Risk

Human factors present one of the most significant security risks. For example, remote workers who lack an awareness of security risks may be susceptible to phishing scams. In addition, distracted employees could unknowingly disclose their login credentials in a public area.

The IT staff needs more visibility into the endpoints and potentially risky user behavior when remote working. In addition, working in different time zones, remote workers may have to make cybersecurity decisions independently if the IT department is not available to assist them immediately. For example, they need to verify the legitimacy of a suspicious instruction through a different communication.

Device Risk

Many remote working employees use their personal devices for two-factor authentication, and they may have mobile app versions of collaboration software, like Teams and Zoom. This confusion between personal and professional life increases the risk of sensitive information falling into an insecure environment.

Cloud documents, emails and attachments, and third-party services are all vulnerable. And without proper digital asset management tools available for remote work, your attack surface has grown much broader.

Remote work also enables a trend of allowing employees to use their devices at work, commonly referred to as “Bring Your Own Device” (BYOD). Of course, BYOD is not new to us. But, with most employees using personal devices for work, it would introduce unknown remote working security risks.

How to Maintain Security When Employees Work Remotely

The National Institute for Standards and Technology (NIST) cybersecurity experts offer tips in NIST SP800–46 Rev2 (Security for Enterprise Telework, Remote Access, and Bring Your Own Device Solutions). They also published an [Infographic] if you want a shorter version.

Remote Work Security Best Practice: Dos and Don’ts

CC 4.0

Dos

  • Trust no one by default. Cyber hygiene is equally important as personal hygiene. Always think twice before clicking a link or downloading a file. Is it safe? Even a wink of incaution may lead to accidental data deletion or falling for a phishing attack.
  • Store work-related content on company-approved cloud services to reduce the risk of data exposure.
  • Implement Multifactor Authentication (MFA) to reduce the risk of attack from credential theft.
  • Use updated antimalware software to reduce the attack surface on the device.

Don’ts

  • Don’t Forward work-related emails to personal accounts to prevent credential theft or brute force attacks.
  • Don’t store work-related content on personal equipment (e.g., laptops and cell phones) to prevent accidental data loss.
  • Don’t use your company-owned desktop session for non-work-related activities like social networking, video streaming, or personal shopping. It is essential to reduce risk exposure and prevent accidentally accessing phishing sites.
  • Please don’t click on an unknown email attachment because it is the most direct way malicious actors plant their malware. For example, most small work security outbreaks are started by phishing emails.

Tips For Creating a Remote Work Security Policy

Your remote work security policy doesn’t have to be a complicated document. The first is to make a security policy specifically designed for remote workers. ESG’s report also asked cybersecurity professionals regarding the main challenges for security staff in the transition to work from home going smoothly. The concerns are

  1. Secure configuration of employee devices
  2. Secure access
  3. Remote monitoring

Thus, a successful policy should address all three.

Assess Governance and Compliance Processes

Catalog IT governance and compliance by reaching out and documenting IT responsibilities — the security, privacy, and compliance policies that protect the organization and its resources. For example, suppose data from the legal department always be constantly available, per regulation, for discovery and audit. In that case, cloud-based storage vendor platforms must conform to those compliance obligations.

Tighten Access (Least Privilege)

Remote work security policies should specify clear roles for defined personnel and their access to defined applications and data. This process should account for all shadow IT resources and determine how access is logged and reviewed.

Data Security

As it traverses the cloud and internet, sensitive data (data-at-rest and data-in-motion) should be encrypted. Many cloud providers open Application Program Interfaces (APIs) to their services, which third parties can use to enforce their encryption or data loss prevention (DLP) policies, among other security measures. Document security requirements for internal and external data stores. Also, the remote work policy should state distinctly how remote workers handle data on cloud services and devices.

Be aware of data security to and from the cloud. Therefore, it is good to set clear policies on connectivity security, including secure sockets layer (SSL) and cloud virtual private network (VPN) requirements, data-in-transit encryption, and network traffic scanning and monitoring.

Integrated Security Controls

A single infected endpoint can cause a data breach in multiple clouds. Develop policies for remote device access to cloud resources and the required endpoint security.

More than one security solution is required. However, more security solutions with integration may create gaps or vulnerabilities. Instead, it should integrate seamlessly with your existing security stack — including your secure web gateway (SWG), firewall, data loss prevention (DLP), cloud access security broker (CASB), security operations center (SOC), and isolation capabilities.

Conduct Frequent Security Audits.

Maintain current and adequate security by periodically reviewing all remote work security policies. During these audits, ensure cloud services are configured as expected—upgrade components to remain ahead of the latest threats and business needs.

Explaining and Incentivizing Good (Secure) Remote Work Behaviors

Ensure employees understand how security risks change when away from the office with awareness training. Given the situation, remote workers are paying closer attention to corporate communications.

You can usethis chance to review remote security best practices for phishing attacks and social engineering using the latest virus-related examples from threat actors. Then, at last, the company should encourage good behavior, like reporting a suspicious email promptly.

Final Words: We Will Be Remote Workers For a Long Time, Be Secure.

Yes, the new reality is here and will stay for a more extended period. Therefore, waiting focused while remote working may be challenging but crucial.

Many organizations responded by deploying Zero Trust Network Access (ZTNA) tools to replace or augment existing VPN environments for remote work. These ZTNA solutions were scalable links between applications and a highly distributed workforce. In addition, ZTNA solutions are critical of the Secure Access Service Edge (SASE) framework that provides secure access to internal applications regardless of the underlying infrastructure or connection.

After all, your company’s security depends on it. Yet, everything is not so scary. With backups and secure remote work solutions, human error becomes less risky.

Thank you for reading. May InfoSec be with you🖖.

Did you find this article valuable?

Support Z3ncurity by becoming a sponsor. Any amount is appreciated!