Securing Your Remote Workforce
by Robert Bond
Protecting Your Remote Employees from Cyber Attacks
As we suggested in our last blog post, this blog post was written to help our customers and readers of our blog protect themselves against cybercriminals who are trying to leverage the Corona Virus pandemic that we are all trying to endure. This blog post WAS NOT written to fearmonger or increase the stress we are feeling from the impact this illness is having on us. All of us at SecureOps wish you, your family and friends the very best and look forward to helping you and your organizations.
The Trend to Remote Work Since the Covid-19 Pandemic Started
The trend toward working remotely has been increasing for the past 20 years. The Corona Virus or Covid-19, the emergence of 5G, the transition to the cloud and new technological capabilities for the remote worker has turned the trend parabolic. Over 5 million employees worked exclusively from a home office last year according to Flexjobs.com; a 91% increase over the past 5 years. The Corona Virus has driven that number higher substantially over just the past several weeks.
In an article in the Chicago Tribune Philippe Weiss of Seyfarth Shaw at Work, the workplace training subsidiary of the renowned global law firm Seyfarth Shaw said: “I think this is a watershed moment in terms of wider acceptance and implementation of work-from-home.” “Employees that have tasted the benefits of more freedom and autonomy are going be hard-pressed to let it go.”
This is a “Watershed Moment” in Remote Work and Unlikely to Reverse
Further, about half of U.S. workers have jobs that could at least partially be done remotely, according to Kate Lister, president of Global Workplace Analytics, a research and consulting firm focused on new ways of working. In addition, 43% of workers currently telecommute at least sometimes.
Businesses ranging from tech giants to startups have been forced to close offices globally to stop the spread of Covid-19 in order to keep operations moving. Microsoft, Google, Facebook, and Apple have all urged employees to work from home. Other tech firms, including Cisco, are offering their collaboration tools for free as companies around the world quickly implement work-from-home policies as conferences are canceled. Now that the curve of the trend has steepened toward remote working, the likelihood is high that it will not be reversed.
According to Cisco Systems, WebEx meeting traffic connecting Chinese users to global workplaces has increased by a factor of 22 since the outbreak began. Traffic in other countries is up 400% or more and specialist video conferencing businesses have seen a near doubling in share value.
The Cybersecurity Challenge for Organizations with Remote Workers
While the benefits of working from home are countless in terms of productivity, time with family and reduced stress, cybercriminals have increased the number, sophistication, and damage of their attacks on remote employees. The reason remote employees offer cybercriminals such an appealing target is the size of their attack surface. Software vulnerabilities from unpatched software, open RDP ports, and unsecured ports represent 90% or more of all attacks against remote workers. Stunningly, according to last year’s 2019 Global Endpoint Security Trends Report, “42 percent of all endpoints are unprotected at any given time!”
Further, Sixty-six percent of all cyberattacks begin at the endpoint and with enterprises having little control over what software their remote workers are running. Finally, IT security teams have limited tools for checking the software and addressing any vulnerabilities. The phishing attacks that we are seeing today will become more sophisticated types of attacks.
Understanding the Remote Worker’s Attack Surface
Cybercriminals are constantly looking for a vulnerability in order to start an attack. Vulnerabilities can be found in software that hasn’t been patched with the latest updates from a software manufacturer like Microsoft, they can be found in unsecured RDP services, poor anti-virus solutions, and mobile phones and tablets.
IT Security Experts Believe Cyber Attacks Will Increase 30%-40% Imminently
Essentially, the more technology a remote employee has connected to the corporate network, the larger their attack surface. In addition, in many respects, the further they are away from the perimeter of the network and the security controls that are part of the organization’s processes, the more gaps they will leave for attackers. This increases their attack surface and is the reason why IT security experts believe attacks will increase 30%-40% over the next several months.
Reliance on email communications will increase significantly with the transition to remote work, however, email security has remained unchanged for 30 years. Many smaller businesses are still likely to be using outdated Simple Mail Transfer Protocol (SMTP) when sending or receiving email. Thus, the default state of all email services is unencrypted, unsecured and open to attack — putting crucial information at risk.
Protect Your Employees and Corporate Network by Leveraging the 80/20 Rule
Risk management principals suggest that organizations can’t eliminate all threats cost-effectively. To eliminate all threats, budgets for IT security would skyrocket. Thus, we’ll leverage the 80/20 rule to eliminate the most significant vulnerabilities that account for the largest number of attacks.
Corporate IT security departments should perform the following to reduce remote worker cyber-attack risk:
- Run vulnerability scans to uncover known vulnerabilities across systems and devices connected to the corporate network
- Secure Microsoft Remote Desktop Protocol (RDP) services
- Secure ports and ensuring safe VPN access to the corporate network
- Be aware of where customer PII or personal information is being stored and secure it
- Send social engineering, phishing and security reminder e-mails on a periodic basis. Brief training exercises are a good idea as well
We hope these 5 pieces of advice help keep you, your employees and your customers more secure.
August 3, 2020
July 16, 2020