A year ago, many organizations had some type of telework program, and only a fraction allowed most or all of their workforce to work remotely. In the wake of COVID-19, telework has suddenly become “business as usual,” as organizations have scrambled to adapt and continue to operate through the pandemic.
This sudden switch to remote work has presented benefits as well as downsides. On one hand, many organizations have observed improvements in productivity and decreased expenses, causing them to consider an extended or permanent telework program. On the other hand, teleworkers have introduced an array of new security challenges.
Top Security Considerations for a Remote Workforce
Teleworkers share most or all of the same cybersecurity risks and concerns as an on-site workforce. However, remote workers also introduce unique threats to an organization’s cybersecurity. Some of the biggest security considerations of a remote workforce include:
Regulatory Compliance: Organizations with a remote workforce must still comply with the requirements of regulations like PCI DSS and HIPAA. Telework programs must be designed to ensure that remote workers are following the requirements of applicable regulations or an organization risks loss of compliant status and a potential data breach.
Use of Insecure Endpoints: Many teleworkers are using personal devices while working from home. These devices are unlikely to have the corporate antivirus installed and are unlikely to comply with corporate security policies. This increases the probability that they will be compromised by an attacker and used as a stepping stone to access the corporate network.
Lack of Infrastructure Scalability: VPNs are a common secure remote access solution, yet many organizations’ VPN infrastructure was not designed for the load created by a fully remote workforce. The resulting poor network performance can encourage insecure workarounds, such as split-tunnel VPNs, which send Internet-bound traffic outside the tunnel and therefore outside corporate security inspection.
Decreased Control Over Sensitive Data: Employees working from home may make local copies of sensitive data to make it easier to access and increase efficiency. These copies may be on personal devices and are outside of the control of the organization, increasing their risk of exposure or misuse.
Higher Incidence of Dangerous Behaviors: The use of personal devices for work and the lack of oversight increase the probability that employees will visit inappropriate or dangerous sites on the same devices used for work. Without corporate web filtering and antivirus protections in place, this could lead to the devices being infected with malware or to the exposure of sensitive company data.
Attacker Abuse of Authentication Portals: Remote work tools like VPNs and RDP require an employee to authenticate before use. Cybercriminals are using these login portals in credential stuffing attacks to test for weak or reused credentials. If successful, the attacker gains access to the enterprise network while masquerading as a legitimate user.
Increased Exposure to Phishing: Personal devices may not be protected by enterprise email scanning solutions, and employees working from home may be less wary of phishing attacks. This increases an organization’s risk of exploitation via phishing.
Remote Access-Enabled Attacks: Solutions like RDP are designed to provide employees with remote access to and control over systems on the enterprise network. However, the use of RDP with compromised accounts is currently one of the leading delivery mechanisms for ransomware.
Decreased Security Visibility: Employees working from home likely require frequent access to cloud-based resources. Routing this traffic through a VPN to the headquarters network for security inspection dramatically increases network latency. As a result, employees may visit cloud resources directly, which can decrease an organization’s visibility into business network traffic.
Degraded Incident Response: When employees are working remotely, the incident response team cannot respond in person to a cybersecurity incident. As a result, incident responders may need to rely on an untrained user to take critical actions in the wake of a security incident.
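The credential stuffing and compromised-account RDP risks above are detectable from the authentication portal's own logs. The following Python example, added here and not part of the original article or of any vendor product, flags a source IP that fails to authenticate against many distinct accounts within a short window; the log format, field order, sample values and thresholds are all assumptions constructed for the example.

```python
"""Detect credential-stuffing patterns in VPN/RDP authentication logs (added example).
Heuristic: one source IP failing against many distinct usernames in a short window
fits credential stuffing far better than one employee mistyping a password.
Log format and thresholds are assumptions, not any vendor's real format."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in an assumed "timestamp user src_ip result" format.
SAMPLE_LOG = """\
2020-06-01T08:00:01 alice 203.0.113.5 FAIL
2020-06-01T08:00:02 bob 203.0.113.5 FAIL
2020-06-01T08:00:03 carol 203.0.113.5 FAIL
2020-06-01T08:00:04 dave 203.0.113.5 FAIL
2020-06-01T08:00:05 erin 203.0.113.5 SUCCESS
2020-06-01T08:05:00 frank 198.51.100.7 FAIL
2020-06-01T08:05:30 frank 198.51.100.7 FAIL
2020-06-01T08:06:00 frank 198.51.100.7 SUCCESS
"""

def parse(log):
    """Yield (timestamp, user, src_ip, result) tuples; skip blank lines."""
    for line in log.splitlines():
        if line.strip():
            ts, user, ip, result = line.split()
            yield datetime.fromisoformat(ts), user, ip, result

def detect_stuffing(log, window=timedelta(minutes=10), min_users=3):
    """Return {src_ip: {"users": [...], "success": [...]}} for source IPs that
    fail against at least min_users distinct accounts inside one `window`.
    "success" lists accounts that did authenticate from that IP (likely compromised)."""
    failures = defaultdict(list)   # ip -> [(ts, user)]
    successes = defaultdict(set)   # ip -> accounts that authenticated successfully
    for ts, user, ip, result in parse(log):
        if result == "FAIL":
            failures[ip].append((ts, user))
        else:
            successes[ip].add(user)
    alerts = {}
    for ip, events in failures.items():
        events.sort()
        best, start = set(), 0
        for end in range(len(events)):   # sliding time window over failures
            while events[end][0] - events[start][0] > window:
                start += 1
            users = {u for _, u in events[start:end + 1]}
            if len(users) > len(best):
                best = users
        if len(best) >= min_users:
            alerts[ip] = {"users": sorted(best), "success": sorted(successes[ip])}
    return alerts
```

A repeated failure against a single account (frank) stays below the threshold, while the spray from 203.0.113.5 is reported together with the account that finally succeeded, which is the one to disable and investigate first.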
How MorganFranklin Can Help
Securing a remote workforce requires a different approach than protecting on-site employees. However, it is not impossible to have a secure telework program, and the benefits can outweigh the risks.
MorganFranklin advisors are familiar with the cybersecurity challenges associated with telework and best practices for mitigating these risks. They can help an organization to design a secure telework program and select and implement the security solutions required to make it a reality.