Why Having a Secure Remote Environment Is More Critical Today Than Ever Before
Grow Your Business, Not Your Inbox
Recent events have exposed a number of kinks in the armor of enterprise-level cybersecurity the world over. Suddenly, organizations that had invested billions in securing their networks and buildings are faced with threats from large-scale remote work. Firewalls, physical security and device management were effective when employees were at work, but not now.
Gene Yoo, CEO of Los Angeles-based cybersecurity firm Resecurity, says, "Remote administration channels are one of the key targets of compromise for threat actors... attacking businesses globally. Remote access is a ‘must-have’ feature in today’s COVID-19 era, providing significant benefits for enterprises of all sizes and ability to retain their employees and work processes... Besides cyber threats, the regime of working from home creates other risks — including insider threats as the employees become more easily accessible by targeted surveillance and espionage.”
Less visibility on employees and your network perimeter
Employees working from home still need to access your network-hosted assets, but you will have significantly less visibility on both their activity and their end devices. Employees and their devices will likely use a variety of networks to access company data while working remotely.
When employees are working from home, they understandably have privacy concerns that need to be balanced with the need for secure computing. You may determine a need to monitor their devices, but that may be a breach of privacy, especially if they’re personally owned. It’s a fine line that each organization needs to figure out for themselves.
All of this remote work will also lead to less visibility on your network perimeters. With devices constantly connecting and disconnecting from the network, employing some sort of device management system to keep track of device health is critical.
External threat monitoring and cyber forensics
More remote working means bad actors have a much larger attack surface. Instead of having to penetrate a robust and well-defended network perimeter, hackers can now target the much-less secure home networks of key employees.
Cyber forensics may also play a key role in remote computing environments going forward. This may involve outsourcing to trusted vendors to handle this complex task.
“It is crucial to have a trusted vendor who is able to supply businesses with meaningful external risk intelligence," Yoo says. "This significantly helps companies to make better decisions while maintaining awareness of a threat landscape that is constantly changing.”
In a remote computing environment, though, it’s relatively simple for unsuspecting employees to become bots for a hacker. Consider this: An employee is using a work computer on their home network and gets a convincing phishing email that installs some malware on their computer. This infected machine now accesses the corporate network and the malware spreads. Even the best-meaning employees, without proper cyber awareness training and a robust device management program, can quickly become unwitting insider threats.
“Targeted cyber-attacks focused on corporate VPNs are increasing," Yoo says. "Typically, threat actors attempt to compromise one or several employee accounts prior to an attack... Recently, several critical vulnerabilities were identified, related to VPN gateways and applications used for remote access." Advanced actors can use these as entrances to infrastructure.
Cyber espionage and control concerns
Remote work brings an increased risk of cyber espionage concerns, especially if your business doesn’t have a good way to keep sensitive information secret. With employees accessing corporate data from home, it’s likely they’ll have sensitive information running through their home network, which is probably not secure.
As Yoo points out, “Cyber espionage groups and nation-state actors understand that employees of targeted companies are compromised while at home. They have a broad arsenal with which to target them, including non-cyber means.” Since attackers usually start their attacks using widespread phishing campaigns, employing phishing exercises is a proven way to help increase employee awareness and thwart these attacks before they happen.
Widespread remote working is probably here to stay, which means keeping that computing environment secure is more important than ever. There has never been a more target-rich environment for bad actors, and every organization would do well to assess their new risks and take steps to secure their remote environment.