Securing your Remote Workforce
2020-10-19T14:14:20+00:00
YouGov recently reported that 46% of the UK workforce now work from home at least some of the time each week. Whilst this switch to remote working has had advantages, maintaining security has posed a problem to many businesses. If remote working is not carefully managed it can pose a high risk to the protection and control of business data; outside the office environment it can prove more difficult to manage blocked IP addresses, data access and data storage across the many devices that employees are now using.
Remote Workforce Vulnerabilities
The new remote working adoption rates created by Covid-19 come with high risks: poorly secured WiFi, weak passwords, and vulnerable collaboration tools leave many employees open to attack outside the normal office environment. The increased pressure on access points and VPN services to keep employees online in a safe way is also leading to issues.
Attackers have picked up on the increased technological vulnerability and have been launching more attacks than ever, many of which have been exploiting the Covid-19 pandemic. Info Security Magazine reported that since the start of lockdown in March 2020, phishing emails have increased by 667%. These kinds of phishing and malware attacks have had devastating consequences for both businesses and individuals. In March 2020, Marriott Hotels suffered a large data breach which was reported to have stemmed from hackers accessing login credentials of just two employees. This breach alone was reported to have affected 5.2 million of their loyalty card holders.
Since the introduction of the GDPR across the EU in 2018, businesses also risk being fined for any data breach they sustain. In 2020, cyber attacks have become very sophisticated and the volume of data that hackers are able to steal is ever increasing. Generally, the more data that is stolen or compromised, the more the attack costs to recover from; IBM recently reported that the average data breach now costs US businesses $3.92 million and that the average time to identify and contain a data breach is 280 days.
Multi Factor Authentication is a Must Have for all Remote Workers
Multi-Factor Authentication (MFA) supplements a login password with two or more pieces of additional information, such as a one-time code, PIN, fingerprint or face recognition. MFA ensures access is granted to the specified user only and enables the business to manage access easily. If this is something you are keen to set up, Infinity Group’s UNITE Security Hardening solution (Microsoft 365 Security Hardening) can include auditing, alerts, conditional access policy setup, MFA, Enterprise Mobility + Security setup alongside Microsoft Intune – please contact us for more details.
Video Calls/Online Meeting Management
Are all your employees using the same platform to make video calls? Some video conferencing services have questionable security features; we recommend you use a business-grade video calling platform such as Microsoft Teams or Zoom for Business or Enterprise and adjust the security settings accordingly.
As well as using a secure platform, details of what data employees can and can’t share via video calls should be clearly explained. This is particularly important when a third party is joining, as it is easy for screen grabs to be taken of confidential business data that employees may not normally share whilst in the office.
How Secure is Your VPN?
A Virtual Private Network (VPN) provides end-to-end network security, which is particularly important when staff are accessing company systems remotely. Strong passwords and encryption must be mandatory and changed on a regular basis. We recommend using SharePoint to house business documents, as you can easily set conditional access policies, and also utilising Azure Information Protection (AIP), which allows you to track and control who is accessing your data. AIP is a cloud-based solution that enables organisations to classify and protect documents and emails by applying specific labels to documents, for example: highly confidential, accessible by certain personnel only, personal data.
Malware: The umbrella term for malicious software which can make a device unusable, steal data, assume control of a device or software and steal credentials.
Ransomware: A type of malware which locks you out of your device or encrypts your data and claims it will let you back on once you’ve paid a ransom. However, this is no guarantee and ransoms can be huge.
Phishing: An attack which disguises itself as a helpful or benign piece of information to trick users into clicking through to a malicious site or downloading a piece of malware. Phishing can be conducted via text or social media but mostly occurs through business email.
Cyber threats are constantly evolving to evade detection; it is no longer enough to have perimeter defences to defend against known attackers. In recent years we have witnessed RAA Ransomware, Petya, Bad Rabbit, Zepto and Locky. New forms, like the Glupteba malware, are springing up every day. To protect against these attacks, businesses have to invest in sufficient monitoring and protection and be more proactive and adaptive in their approach to cyber security.
How to Strengthen Your Approach to Cyber Security With Your Remote Workforce
Identify and Action Weaknesses
Perform a comprehensive risk assessment of your organisation’s technological infrastructure, remote workers setups, and external tools. Start by identifying the most valuable assets your company has and how you currently protect those. Then, work outwards until you know where threats could come from and what effect they would have.
Re-run your risk assessment on a monthly basis to identify any changes. Ensure that the risk assessment is not completed by the same person each time, otherwise things can get overlooked. By doing this, your company should always have sufficient protection in place, and this activity should work in your favour should a large breach occur, as it shows your business is proactive and demonstrates good cyber security measures.
Once you are aware of your weaknesses and where threats come from, you can focus on allocating budget and resources. Even with an increased budgetary allowance, your security problems will not solve themselves. The resources must be used according to a well-informed, comprehensive security development plan. This plan can take the form of an IT Security Governance Framework which will examine your current security and see how it needs to be adjusted to fit your new security needs. Infinity Group can undertake these for clients alongside helping your business to become Cyber Essentials certified.
There is a lot to consider when putting together a long-term cohesive Cyber Security Plan/Framework:
Devices: protecting physical devices is just as important as the software within them. Regular updates, running tests and passwords are key components of device security.
Data security: protecting all the data inside of networks, apps and software. This can be managed with password protection, data sharing protocols and a strict GDPR policy.
Network security: protecting the network from unwanted users, attacks and intrusions. This can be done with password protections and regular scans.
Application security: updating apps to make sure they have the latest security installed. Only install apps which are trusted.
Endpoint security: remote working requires a remote access capability. This is a particularly weak point for data and so requires special protection. Educating users on proper password practice and two-factor authentication can be a good way to protect against this. Sophos Endpoint Protection is another useful tool.
Cloud security: digital storage environments like the cloud require just as much protection as physical or in-house storage solutions.
Employ a zero-trust mindset. This means you should not automatically trust anything inside or outside of your perimeters; verify everything before granting access to your systems. This applies to employees, downloads, applications and processes, and third-party partners/clients.
Look to the Future
As well as protecting against current work from home threats, you also have to protect against future threats with a robust long-term plan. By building security into long-term business development you can make sure that you will never be caught short again and you can be free to focus on your other operations.
One of the main long-term steps is the consistent training of staff; role-specific education especially is a very effective tool for reducing the risk of human error. When accidents happen and potential threats/breaches do occur within the business, we strongly recommend you undertake a Root Cause Analysis exercise to ensure these are used as learning experiences to make your cyber security defences even stronger.
Disaster Recovery planning is paramount. Even if you have the best cyber security in the world, it is still possible that you will be a victim of a cyber-attack. If there ever is a breach/attack/natural disaster such as a fire, burglary or flood, this plan can be quickly deployed to limit damage, recover data and avoid disruption.