YouGov recently reported that 46% of the UK workforce now work from home at least some of the time each week. Whilst this switch to remote working has had advantages, maintaining security has posed a problem to many businesses.
If remote working is not carefully managed it can pose a high risk to the protection and control of business data; outside the office environment, it can prove more difficult to manage blocked IP addresses, data access and data storage across the many devices that employees are now using.
The new remote working adoption rates created by Covid-19 comes with high risks: Poorly secured WiFi, weak passwords, and vulnerable collaboration tools leave many employees open to attack outside the normal office environment.
The increased pressure on access points and VPN services to keep employees online in a safe way is also leading to issues.
Attackers have picked up on the increased technological vulnerability and have been launching more attacks than ever, many of which have been exploiting the Covid-19 pandemic.
Info Security Magazine reported that since the start of lockdown in March 2020, phishing emails have increased by 667%. These kinds of phishing and malware attacks have had devastating consequences for both businesses and individuals.
In March 2020, Marriott Hotels suffered a large data breach which was reported to have stemmed from hackers accessing login credentials of just two employees. This breach alone was reported to have affected 5.2 million of their loyalty card holders.
Since the introduction of the GDPR across the EU in 2018, businesses also risk being fined for any data breach they sustain. In 2020, Cyber attacks have become very sophisticated and the volume of data that hackers are able to steal is ever increasing.
Generally, the more data that is stolen or compromised, the more the attack costs to recover from; IBM recently reported that the average data breach now costs US businesses $3.92 million and that the average time to identify and contain a data breach is 280 days.
Multi-Factor Authentication (MFA), supplements a login password with two or more pieces of additional information, such as a one-time code, pin, fingerprint or face recognition. MFA ensures access is granted to the specified user only and enables the business to manage access easily.
If this is something you are keen to set up, Infinity Group’s UNITE Security Hardening solution (Microsoft 365 Security Hardening) can include auditing, alerts, conditional access policy setup, MFA, Enterprise Mobility+ Security setup alongside Microsoft Intune – please contact us for more details.
Are all your employees using the same platform to make video calls? Some video conferencing services have questionable security features, we recommend you use a business grade video calling platform such as Microsoft Teams or Zoom for Business or Enterprise and adjust the security settings accordingly.
As well as using a secure platform, details of what data employees can and can’t share via video calls should be clearly explained. This is particularly important when a third party is joining as it is easy to take screen grabs of confidential business data they may not normally share whilst in the office.
VPNs a Virtual Private Network (VPN) provide end-to-end network security which is particularly important when staff are accessing company systems remotely. Strong passwords and encryption must be mandatory and changed on a regular basis.
We recommend using SharePoint to house business documents as you can easily set conditional access policies and to also utilise Azure Information Protection AIP which allows you to track and control who is accessing your data.
AIP is a cloud-based solution that enables organisations to classify and protect documents and emails by applying specific labels to documents. Eg Highly confidential, accessible by certain personnel only, personal data.
There are several common forms of cyber-attack on the increase:
Cyber threats are constantly evolving to evade detection; It is no longer enough to have perimeter defences to defend against known attackers. In recent years we have witnessed RAA Ransomware, Petya, Bad Rabbit, Zepto and Locky. New forms, like the Glupteba malware are springing up every day. To protect against these attacks, businesses have to invest in sufficient monitoring and protection and be more proactive and adaptive in their approach to remote work and cyber security.
Identify and Action Weaknesses
Perform a comprehensive risk assessment of your organisation’s technological infrastructure, remote workers setups, and external tools.
Start by identifying the most valuable assets your company has and how you currently protect those. Then, work outwards until you know where threats could come from and what effect they would have.
Re-run your risk assessment on a monthly basis to identify for any changes. Ensure that the risk assessment is not completed by the same person each time otherwise things can get overlooked.
By doing this, your company should always have sufficient protection in place and this activity should work in your favour should a large breach occur as it shows your business is proactive and demonstrates good cyber security measures.
Once you are aware of your weaknesses and where threats come from, you can focus on allocating budget and resources. Even with an increased budgetary allowance, your security problems will not solve themselves.
The resources must be used according to a well-informed, comprehensive security development plan. This plan can take the form of an IT Security Governance Framework which will examine your current security and see how it needs to be adjusted to fit your new security needs. Infinity Group can undertake these for clients alongside helping your business to become Cyber Essentials certified.
There is a lot to consider when putting together a long-term cohesive Cyber Security Plan/Framework:
Employ a zero-trust mindset. This means you should not automatically trust anything inside or outside of your perimeters; Verify everything before granting access to your systems. This applies to employees, downloads, applications and processes and third party partners/clients.
Security issues with working remotely do not stop with short term solutions. As well as protecting against current work from home threats, you also have to protect against future threats with a robust long-term plan.
By building security into long-term business development you can make sure that you will never be caught short again and you can be free to focus on your other operations.
One of the main long-term steps in remote work security is the consistent training of staff; role-specific education especially is a very effective tool at reducing the risk of human error.
When accidents happen and potential threats/breaches do occur within the businesses, we strongly recommend you undertake a Root Cause Analysis exercise to ensure these are used as learning experiences to make your cyber security defences even stronger.
Disaster Recovery planning is paramount. Even if you have the best cyber security in the world it is still possible that you will be a victim of a cyber-attack.
If there ever is a breach/attack/natural disaster such as a fire, burglary or flood this plan can be quickly deployed to limit damage, recover data and avoid disruption.