Expanding Work-from-Home Increases Cybersecurity Risk

Maintaining strong cybersecurity is crucial as organizations make impromptu decisions to send more and more employees to work from home to help minimize the spread and impact of COVID-19. Before you expand and extend your remote workforce, it’s critical that you take appropriate steps to ensure that by decreasing a health risk to your business, those same actions don’t conversely increase a cybersecurity risk.

Most cybersecurity incidents start with the endpoint so it’s paramount to have a layered defense as more employees work from home. Organizations will encounter increased cybersecurity vulnerabilities due to laptops and devices typically protected within the corporate IT perimeter are suddenly outside the IT perimeter and:

• connecting to home networks and public Wi-Fi
• connecting to consumer-grade IoT devices
• used more frequently for personal tasks and email

All of which expose these devices to more threats that can be brought back to the corporate network once connected remotely or upon return to the work environment.

To top it off, hackers are opportunistic. With COVID-19 as a distraction, it would be no surprise to see an increase in malicious cyber attack activity.

Here are some key cybersecurity recommendations to mitigate this risk. We recommend all organizations complement their Work-from-Home policies with these effective and practical cybersecurity measures.

Bolster endpoint security: While anti-virus tools offer some level of protection, layered security defenses are needed to rapidly mitigate threats posed by persistent and well-funded adversaries. Endpoint detection and response (EDR) capabilities such as EventTracker EDR provide an added layer of protection to terminate suspicious activity in real time.

If you are already a Netsurion customer, consider expanding the install base of your EventTracker agents to encompass your most critical employee laptops that are going remote. These light-weight agents monitor and protect devices even when not connected to a corporate network.

Use a virtual private network: When connecting to unsecured networks such as Wi-Fi hotspots, use a virtual private network (VPN). A VPN encrypts your organization’s data to prevent cyber criminals from lurking on the network to intercept login credentials or sensitive data like financial accounts and intellectual property.

Share cybersecurity awareness tips for remote work: Maintain and reinforce security awareness training with the addition of working from home policies. Reinforce topics such as productivity, phishing emails, removable media tips, and protecting sensitive data during team meetings and company updates.

Avoid pandemic scams: The Cybersecurity and Infrastructure Security Agency (CISA) advises organizations to take precautions against opportunistic phishing emails and social engineering attempts to gain access to corporate resources and sensitive data or solicit donations for coronavirus charities. CISA is a U.S. government agency that partners with private industry to defend against today’s threats and collaborating to build a more secure and resilient infrastructure.

Next Steps

COVID-19 concerns are transforming where and how work is performed. Yet, merely shutting an office and sending all employees to work from home can accelerate risk and lead to potential data breaches. Consider EDR and anomaly detection as a practical and effective way to prevent, detect, respond to, and predict cybersecurity attacks. Your Business Continuity Plan (BCP) should address how to mitigate cybersecurity risks such as endpoint security gaps when expanding and extending remote work policies.

Continue to be vigilant regarding emerging and opportunistic threats. COVID-19 is the perfect distraction that could enable cyber criminals to exploit your employees or supply chain partners when there are new processes and technology that could result in increased vulnerability. Only when you adequately prepare for remote work and its related challenges will your organization achieve cyber resiliency to protect sensitive data and assets.

Netsurion ensures that you have comprehensive cybersecurity across your organization, including endpoint protection, even for devices outside the corporate network. Learn more about our proven co-managed SIEM solutions that augment your capabilities.