The New Normal – Staying “Cyber Safe” with Remote Workers

With the decision of Indian Prime Minister Narendra Modi to implement a country-wide lockdown last Tuesday, as much of a third of humanity is now at home – around 2.6 billion people –according to Agence France-Press. Those who are able to, are trying to continue to hold down jobs by keeping up with work from home - but the home technology isn’t always up to the task.

Many employees doing work remotely are finding that their home Internet connection is not reliable enough. In parallel, organizations around the globe are scrambling to scale their internal work from home arrangements in a way that limits cyber security threats - a natural result of having an entire staff located outside of the office.

CO1-CyberProof-Blog23-StayingCyberSafeWRemoteWorkers

CAN’T THE HELP DESK FIGURE IT OUT?

Because so many of us are at home and online, the Internet is supporting a huge spike in traffic and performance is suffering. The infrastructure doesn’t scale, reliability is impacted - and the helpdesk is unable to cope with the deluge of tickets. Moreover, for employees experiencing difficulties with their Internet connection, the variables of a work from home (WFH) setup are too many and too unpredictable for a corporate helpdesk to be of much use. 

Let’s say, for example, a remote employee calls the helpdesk and the tech support team starts troubleshooting. If the employee is working with a corporate asset, the team is familiar with the software image of the device; but if the employee is using a personal device, it’s hard to know where to start: Is it a problem with the desktop, laptop, or iPhone that the employee is using? Is the issue the wireless connection? Or perhaps there’s an Ethernet connection? Maybe it’s the home router, but there are hundreds of different kinds of equipment. Or the problem could be unrelated to the hardware and simply be due to the service provider’s connection. For a typical corporate helpdesk, troubleshooting this type of very complex scenario is going to be extremely challenging.

THE CYBER SECURITY RISKS ASSOCIATED WITH HAVING A WFH STAFF

The problem is not “just” one of operational functionality, but also of cyber security. For the majority of organizations, having an entire staff work remotely creates new security vulnerabilities. 

While existing WFH setups can work as a stopgap measure for a small number of remote workers using the system on an occasional basis, there are unreasonable risks involved in having all of an organization’s employees accessing enterprise applications and assets on home devices over a home Wi-Fi.

WFH EMPLOYEES ARE EXPOSED TO MORE PHISHING AND MALWARE ATTACKS

In a crisis situation like this, the underground community springs into action. Hackers, including cyber criminals and state-sponsored threat actors around the world, are taking advantage of the COVID-19 outbreak to accelerate activities and spread their own infections. 

CO2-CyberProof-Blog23-StayingCyberSafeWRemoteWorkers

Home workers are easy targets for phishing and malware attacks that attempt to steal their personal information or gain access to company accounts. 

Phishing emails – in addition to voicemails (vishing) and text messages (smishing) – “phish” for information that is then used by cyber criminals in further schemes such as spear phishing campaigns (targeted phishing attacks), credit card fraud, and account takeover fraud. According to MSSP Alert, coronavirus-related email phishing attacks have spiked 667 percent since March 1, sparked by hackers taking advantage of the fear and uncertainty surrounding the pandemic. People are being tricked into opening malicious documents or clicking on malignant links. For example, the World Health Organization posted an alert last month about hackers impersonating the agency to steal money and confidential information.

One way that organizations can take steps to reduce the risk of this kind of attack is through training – specifically, by raising the awareness of the WFH team, explaining common hacking techniques and providing information about the risks associated with them.

THE OPERATIONAL LIMITATIONS OF VPNS 

Aside from phishing and malware, other kinds of issues are related to long-term work from home. For organizations that are used to setting up remote workers with a virtual private network (VPN), for example, there’s a fundamental problem in that legacy VPN servers generally can’t scale. 

Those currently using a VPN are likely to discover that it can slow down Internet speeds, such that WFH teams may encounter problems when performing high-bandwidth tasks such as holding video conference calls.

AN UPTICK IN VPN-RELATED HACKER ACTIVITY

And that’s not all. VPN solutions have been the target of a wide range of attacks that began at the end of 2019.

The sharp increase in this kind of attacks is directly connected with the spread of the coronavirus pandemic. As the coronavirus continues to spread all over the world, organizations are ramping up the use of VPNs for remote work. The increase in the usage of VPN platforms has attracted hackers’ attention, and they are attempting to abuse it.

Now more than ever, patches are important. With a remote team, it is even more essential that VPNs – and not just VPNs, as this applies to all network infrastructure devices and any devices used to remotely access work environments – are updated with the latest software patches and security configurations, and that only the latest versions are used.

SHIFTING PROTECTION – FROM THE DATA CENTER TO THE USER

To solve this plethora of problems experienced by remote workers around the globe, we need to take a step back and look at the big picture. 

We’re a very long way from the days of the traditional security environment which had a well-understood security perimeter. The “New Normal” environment involves not just an extended security perimeter, but a mixture of BYOD routers, PCs, etc., and home-baked security. 

An effective way of handling this radical departure from the norm involves shifting the focal point to the identity of the user and/or device – rather than the data center. This goal that can be achieved by leveraging a new approach called Security Access Services Edge – SASE (pronounced “Sassy”) – a new cloud service architectural model.

CO3-CyberProof-Blog23-StayingCyberSafeWRemoteWorkers

SASE, a subcomponent of SD-WAN, allows organizations to effectively extend corporate security policies to each individual user - so that both the WFH employee and the business have confidence that the employee is protected, and corporate data being accessed from home is not at risk. 

NETWORK SECURITY CAPABILITIES THAT CAN BE APPLIED ANYWHERE

Gartner Research recently published a report, “The Future of Network Security is in the Cloud,” which talks about IT leaders protecting their enterprise environments with “software-defined secure access.” It introduces what SASE accomplishes by stating: 

“In a modern cloud-centric digital business, users, devices, and the networked capabilities they require secure access to are everywhere... What security and risk professionals in a digital enterprise need is a worldwide fabric/mesh of network and network security capabilities that can be applied when and where needed to connect entities to the networked capabilities they need access to.”

Perhaps more apt to many of us - in our current reality in the thick of the COVID-19 crisis - is Gartner’s conclusion, which encapsulates what it means to suddenly find that we’re supporting an entirely WFH staff: 

“Instead of the security perimeter being entombed in a box at the data center edge, it is now everywhere an enterprise needs it to be — a dynamically created, policy-based secure access service edge.”

And that’s the core of the reason for focusing on SASE adoption. While most existing network and network security architectures are poorly equipped to meet the dynamic secure access requirements of a WFH enterprise, SASE is driven by identities. An identity is attached to everything in the corporate environment: each person, application, service or device. It’s an approach that is location-agnostic and supports completely user-based security for the enterprise. 

With the enactment of lockdown regulations around the globe, implementation of SASE has become much more urgent to support businesses today.

Related Posts