Remote work boom threatens home users and business systems
Due to the COVID-19 pandemic, the majority of users have to work from home. This has completely changed the cyber threat landscape: attackers have started opportunistically targeting home users rather than corporate networks.
Before the shut-downs, attacks on business systems such as ransomware, viruses, and remote access trojans (RATs) were combated by professionals. IT security teams defended their applications and networks from external threats, supported by a host of enterprise-grade tools and systems. Now, remote teams’ devices are connected to their home network, giving a new avenue for criminals to exploit, a route that has few protections.
Cyber criminals are changing their strategies of attack, adjusting traditional attack methods to suit the COVID-19 crisis. The flow-on effect is notable in the rise of certain forms of attack, particularly malicious phishing attachments. Change in attack methods is evident with the reduction of botnets per month as well as the reduction of IPS-based triggers.
Educate your employees on cyber safety
Anyone working from home must remain aware of online threats and scams. Cyber criminals and hackers are actively taking advantage of the COVID-19 crisis by posing as medical organisations and tricking users into providing confidential data. These scams and schemes are often good enough to pass as genuine communications, at first glance: so ensure your team has comprehensive knowledge on browser security and email best practices. They must not open suspicious or unknown emails, be wary of attachments from unknown sources, and only install applications from a trustworthy source. Additionally, they must check the URL before downloading software and updates, and monitor for suspicious activity on their devices.
Your team should also change passwords often, on their personal and home devices, ensuring they choose strong passwords that include an upper-case letter, a number, and a unique character.
The Australian government is taking an active role in warning the public of some common threats. Your corporate policies need to be much stricter for home users: weekly security-related reminders (at a minimum) should go out to staff who are working at home.
Safeguard your remote workforce
Some methods for protecting your remote workforce include:
Support coverage should be available at all times for your remote team. Place focus on helpdesk and assistance, extending this support to evenings and early mornings because your staff will likely be working out of hours if they care for their family during the day.
- Users must update their OS
All your users must have information and guidance on how to enable automatic updates on their devices. So many vulnerabilities – especially for Windows – are patched on an ongoing basis; at the same time, some users haven’t updated their machines in months. This simple omission can lead to falling foul of the latest and greatest malicious attacks.
- Install security software
All devices should have real-time malware scanning. There must be automatic updates on all security software once a day to ensure the protection of devices from the latest threats. You may have to buy new anti-virus tools to cover your remote workers’ home devices: don’t trust users to select the right solution.
- Enabling a secure VPN
No one should be able to connect to your internal servers unless they have a secure VPN for all traffic on the device. If your staff require remote access to your network, it is worth investing in a trustworthy VPN solution. By disabling split-tunnelling, you protect your data from unencrypted connections running on the same network.
Some organisations are allowing the use of user-configured remote control solutions – the potential for issues here is massive. Don’t let users fire up a TeamViewer connection from their personal machine to a sensitive resource without ensuring their endpoint is completely secure.
- Securing home routers
Routers are a typical vulnerability. Although the majority of service provider-supplied routers are safe, ensure your colleagues change the default passwords and upgrade from unbranded routers that may be less secure. In our experience, a large proportion of home routers have a complex WiFi password but use default credentials for router admin access, leaving an enormous back door open.
- Multi-factor authentication (MFA)
It is imperative to have MFA, especially if your team logs in to services such as payroll, collaboration, and file sharing. You secure the rest of the system this way, even if hackers gain access to credentials. Your colleagues must also enable MFA on their mobile devices, and can use Yubikey or Google Authenticator (Authy) to manage their MFA needs.
Secure your remote workers with CCNA RemoteReady
CCNA specialise in secure technology solutions and services within the Enterprise, Government, and Carrier space. We have switched the vast majority of our customers and their users to secure remote work solutions during these times, from corporate offices to call centres.
You can not afford to increase your exposure to cyber risk during a lockdown or pandemic. Contingency planning (by enabling new security controls) is extremely important to ensure business continuity at the same acceptable level of risk.
Regardless of what controls you put in place, it is imperative that your business is able to operate seamlessly in these times. This requires effective and efficient remote work by your workforce: solutions that are both secure and effective.
A secure-by-design remote work solution is a must-have.