If you made it through the last year without any major security incidents, take a bow. Transitioning an entire business to remote working is no mean feat at the best of times, and 2020 was certainly not the best of times. Between the urgent need to keep the business functioning and the cybercriminals circling like sharks, it was a nightmare scenario for anyone in IT security.
But while we might be through the worst of it (fingers crossed), now is no time to relax. After rapidly shifting their tactics to exploit the pandemic, threat actors are evolving their attacks to strike at isolated remote workers.
With your staff likely to be operating outside the secure “castle walls” of your office for some time yet, it is essential to invest in long-term measures to keep them safe from opportunistic criminals.
Below are three of the biggest threats facing your remote workforce, and how to counter them.
Educate against phishing tricks
Research found the volume of phishing attacks more than doubled in 2020 as criminals sought to exploit the pandemic. The associated costs of attacks also rose by more than 50 percent.
While the initial confusion about the virus has now largely passed, home workers are still inherently more vulnerable to social engineering. At the office, you can simply turn to your desk buddy to ask them if this new email from Steve in finance looks odd. Most people are unlikely to do the same from their kitchen tables, even with emails and chat applications.
One of the best ways to compensate for this weakness is an increased focus on Security Education and Training Awareness (SETA). Regular training sessions can help keep security front of mind and alert staff to the most common social engineering techniques being used in phishing emails. Training can also cover the importance of following proper processes for things like sharing sensitive data or authorising payments, as well as lines of communication when doubts arise about suspicious emails. While email security tools are essential, strong awareness will give your workforce an edge when emails slip through and reach their inboxes.
Quick win: Start sharing quick tips and tricks with your workforce on a regular basis on how to detect phishing attempts or suspicious emails.
Double check your VPNs
Threat actors are increasingly attacking remote workers by targeting VPNs and other remote connection solutions, exploiting the increased reliance on these tools to facilitate remote workforces. We know first-hand that many businesses were forced to go entirely remote with very little time, often using rather creaky old legacy applications. If you haven’t done so yet, it is essential to fortify remote connections. Outdated or misconfigured remote tools provide an excellent attack surface for opportunistic criminals. VPNs can be used to eavesdrop on connections, or can be exploited to gain access to the network for data theft and malware attacks.
For those who haven’t done it recently, now it’s also the time to conduct a full audit of all remote connection tools currently being used by the business. The priority should be to ensure that they are all fully updated with the latest patches, that they have been correctly configured, and are not simply using default settings.
Quick win: Start by identifying and removing any unsupported legacy software as soon as possible.
Secure home working environments
While there has been a shift away from ‘perimeter-centric’ defenses more recently, the castle walls of your corporate network are still inherently more secure than the average home environment, benefitting from tools such as firewalls as well as closer scrutiny by IT and security personnel.
Homeworkers will usually be relying on their own personal routers, which introduces risks such as using weak security credentials. The network is also likely to be shared by a multitude of other personal devices, including consumer Internet of Things (IoT) products which are notoriously poorly secured. Endpoint devices themselves, such as laptops and tablets, are also more likely to miss out on updates and patches, particularly personal machines being used under Bring Your Own Device (BYOD) policies. Devices are also more likely to be used for personal activities and shared with family members, such as children jumping on a laptop for their homework once in a while. Those in shared living spaces also need to be physically secured against accidental or malicious misuse.
There are multiple steps you can take to minimise these risks. SETA can again help here, informing users of key activities like ensuring they have changed their router’s default settings, and ideally giving tips on securing other devices on their network, including the necessity of applying updates.
All of this is particularly important when you consider that these devices will often be accessing and downloading data that falls under the GDPR, which leaves you at increased risk of fines in the case of a data breach.
You can also take things a step further by using security solutions that detect signs of suspicious activity, which may mean an attack is in progress. If one of your team starts acting strangely, it could simply mean that they need to get out for a breath of fresh air – or it could be that a threat actor has quietly taken over their account. Tools such as Endpoint Detection and Response (EDR) can identify unexpected behaviour on a device, while the more recent Extended Detection and Response (XDR) can spot signs across multiple areas, including endpoints, emails, and cloud servers.
Quick win: Implement controls around how users can access and download sensitive data to devices to add extra assurance alongside training on proper data handling.
These steps will help keep your staff safe as they continue to work outside the secure castle walls of your corporate network. However, given the potential risks of breaches in your security, why not consider fortifying your remote teams even more? Get in touch for a free consultation to discover how our experts and specialised security tools can provide you with the ultimate defence.