By Elmar Geese, COO, Greenbone Networks
At the beginning of the coronavirus pandemic, employees switched to working from home practically overnight. No-one was truly prepared for this sudden change in circumstances, and the quick turnaround meant that there was very little time – and often precious few resources – to provide the necessary security for remote workstations. Indeed, SentryBay found that 49% of employees feel insecure about the security of working from home, and rightly so.
The dangers of remote working
The biggest problem is that home offices usually lack the protective measures that are available on corporate networks, and so the laptops or desktops that are now being used at home – so-called Work From Home Devices – are no longer operating within well-secured company networks. As a result of moving onto a less secure network, where there are also potentially numerous other systems that are difficult for the IT department to manage remotely, the attack surface is increased and new points of weakness are created through which cybercriminals can penetrate the corporate network. Indeed, a family computer might be running older, unpatched systems where updates have been regularly neglected, and a hacker can use this vulnerable device to gain access and compromise other devices on the home network and look to enter the corporate network that way.
Concurrently, hackers are also taking advantage of the general insecurity caused by the coronavirus pandemic. Google, for example, has recorded 18 million coronavirus-related scam emails a day, and Check Point found as many as 6,000 COVID-related domain registrations being made in one week at the start of the pandemic. From here, hackers can masquerade as network administrators, for example, and ask employees to upgrade their system. If employees click on the link sent through to them via email, they could end up installing a manipulated VPN client that routes all network traffic through to the hacker’s server. Cybercriminals are ramping up their malicious activities and since home office environments aren’t as protected, they have a greater chance of success with everyone working remotely.
Indeed, as home-working looks to become the new norm, with IBM finding that 54% of workers would like to switch permanently to working remotely on a full-time basis, even after the coronavirus pandemic, organizations must ensure their employees are working safely by identifying and remediating any security flaws. Employees and organizations need to ensure that they stay vigilant when it comes to their home office security, and should expect some unusual activity. They must also take the time to secure their workstations.
Ensure optimum VPN configuration
As a rule of thumb, organizations should ensure that employees working from home are dialing in to the corporate network via a VPN client. These VPNs should be configured to differentiate between data traffic that is routed through the corporate infrastructure and outside requests that go directly to a public internet server. When configured in this way, only the traffic that is intended for the corporate network can get through. It also allows employees to securely access more company resources to make working from home more productive. Alternatively, organizations can also change the VPN configuration so that certain actions that work on the LAN are not permitted in the home office.
It’s important to remember, however, to configure the VPN access and permissions. If not, employees may be authorized to download and install files which could end up infecting their device with malware, and then the company network by association. Rights that apply in the company network must not be transferred over to the home office, as, while downloads are filtered by a firewall within a secure infrastructure, they can pass undeterred in a less secure network.
Manage your vulnerabilities
To minimize risks in the home office, companies should extend their security concepts to remote environments. An important measure here is vulnerability management, a solution that continuously scans all systems connected to a network for security gaps, prioritizes them according to risk, and suggests methods for mitigation.
For example, vulnerability management can detect insecure configurations or missing patches by scanning home office networks for vulnerabilities. All the IT department has to do is to create a new gateway on the solution’s platform and make it available to the employee as a download. They then install it as a virtual machine on their company laptop and the scan can start. If the company already uses such a solution internally, it’s likely no additional costs will be incurred for the home office gateway.
Build cyber resilience
Cybercriminals have more targets than ever with the vast majority of people working from home. They also continue to develop sophisticated attacks to infiltrate complex organizational cyber networks. Achieving a state of sustainable cyber resilience is vital if enterprises are to combat this threat.
Instead of taking a reactive approach to IT security, organizations must look to preventively and sustainably reduce the attack surface, maintaining operations both in and out of the office even during an attack. To achieve this, companies must be able to identify weak points early on, prioritize them efficiently, and then eliminate them. A paradigm shift must take place from cybersecurity to sustainable cyber resilience.
While risks can never be truly eliminated, they can be mitigated. Instead of creating an impenetrable bubble around an organization’s IT network that would be far from flexible, IT security must become resistant to outside attacks and start from the bottom by creating a stable foundation, implementing technologies that can detect and constantly monitor weaknesses. The weak points might still be there, but they aren’t out of sight and are managed to reduce the level of risk.
It’s not just the IT team that should carry the burden of cybersecurity either. Management should also take responsibility for cyber resilience, integrating it into corporate strategies to ensure that all business processes are reviewed for potential risks so that employees can be proactively protected against attacks, wherever they‘re working.
Secure home working for the future
Even as some business returns to normal, working from home will undoubtedly play a huge part in the future of work. While this will have many benefits to workers – shorter commutes, more family time – organizations also need to be aware of the risks and do everything possible to make the extended attack surface that has arisen with home-working resistant to cyberattacks. By monitoring security gaps and employing the likes of vulnerability management, and by striving to become sustainably cyber resilient, weak points in the home network can be detected and remediation measures can be put in place. As a result, employees will feel safe that they can work securely from home and the company will have better control over the security of its systems, now and in the future.
Elmar Geese, COO, Greenbone Networks is a noted Entrepreneur, Leader, Advisor, Business Developer, and Community Member and has over three decades of experience within the IT sector, working as founder, manager, and consultant. Most recently, he was CIO at the Berlin health start-up machtfit, where he was responsible for the company’s SaaS platform for occupational health management. As head of product development and operations, he also contributed to the long-term acquisition of customers such as Bayer AG, Deutsche Bahn, Lufthansa, Edeka and Lanxess.