The COVID-19 pandemic quickly plunged companies across the globe into a work-from-home model. Since the scramble to get employees up and running from home offices, there has been a marked increase in attacks against internet-exposed remote desktop protocol (RDP) servers, as bad actors have identified those as a weak point for many organizations. Between March and April, attacks focused on RDP ports tripled.
Scammers also understand what the day-to-day looks like in a remote work environment and are leveraging notifications associated with technologies for remote teams (think videoconferencing and other team connection tools) to phish users. Users may be moving data from organization networks to employee-owned networks and attackers know that fortification efforts are often lacking on residential networks. Companies need to identify and address remote workforce security concerns to continue business through remote work, while simultaneously keeping their workforce safe through social distancing.
Top Security Concerns
Many companies may have underestimated the potential for sensitive or proprietary data to be transferred from fortified in-office workspaces and networks to uncontrolled environments. Due to the global pandemic, several companies not only moved their workforce to an at-home structure during mandatory shelter-in-place orders but are also allowing employees to continue to work from home in response to continued uncertainty regarding the pandemic. However, this has exposed some major security concerns including:
- Increased exposure in the use of insecure or exposed wireless access points, such as an employee’s home WiFi network, as a potential security breach point.
- The use of personal equipment that is not managed to the same level of security as corporate equipment as another entry point for bad actors.
- A risk of sensitive data being brought down to users’ computers without the proper level of data protection, such as basic encryption.
- The potential lack of vigilance or understanding on behalf of users in protecting themselves and information/systems they are accessing.
- Overburdened ISP infrastructures that were not prepared for an explosion in activity by a workforce made suddenly remote.
Addressing Security Concerns
Businesses need to take the lead when addressing security concerns. The workforce as a whole may not understand the risks, know how to manage them or have the resources to properly address potential breach points on the individual employee level. Companies should implement and use secure remote access gateways for accessing company resources. Additionally, if there is a personal device use policy that allows non-corporate assets to access company information, companies need to ensure there is some sort of network access control policy in place that checks for appropriate endpoint protection. Finally, businesses need to increase monitoring and alerting posture wherever possible and give added scrutiny to events that might have previously been considered a low priority.
In addition, companies should offer comprehensive employee training so that remote workers can better protect themselves and their company while working from home. Train employees to stay vigilant. Encourage users to be overly suspicious and not click on anything that seems suspicious or with which they do not have extreme comfort. Set the expectation that it’s okay for them to ask questions—a culture of transparency breeds trust between users and the organization. Employees may feel that IT and security staff are overwhelmed with the transition to remote work—and they are! Managing a remote workforce is a huge undertaking. While employees may feel self-conscious about asking questions and may not want to be a bother, explain that it’s always better to ask and find out there is nothing to be concerned with than to compromise the business’ security. Employees should bear in mind that working from home often means that their home networks are more appealing to outside attackers, now that potentially valuable sensitive data can be accessed there—and exercise caution for their personal data as well.
The Future of Remote Work Security
There will likely be a much larger, long-term remote workforce as we move forward into our “new normal.” Planning an IT environment architecture, and operating with the assumption that most access will be from the outside-in going forward, will put a company in the best position for establishing a protective stance that will help prevent many of the issues that will persist going forward. There’s a high probability that public cloud adoption will see a rapid increase in popularity. Just as the internet itself gained mass consumption during the ’90s and took hold of the business landscape, the COVID-19 pandemic will lead to another digital transformation with a new emphasis on virtual workplace security.