Mitch Harris, Senior Cyber Security Consultant at RiskVersity provides an overview of the security implications of a remote workforce.
“Thousands of businesses are asking their employees to work from home. And with the sudden influx of hundreds of thousands of remote workers, the attack surface for hackers has just increased exponentially. Given the suddenness of it all, many businesses didn’t have the infrastructure in place to accommodate this change in their business culture. Add to that the lack of policies, procedures and controls that relate to working remotely, and they have unintentionally created a petri dish for attackers’ malware, viruses, trojans, worms, RATs etc.”
Mitch Harris, RiskVersity
Senior Cyber Security Consultant
In the midst of the COVID-19 coronavirus global pandemic, how has the security postures of businesses changed (and what are the implications of those changes)?
Over the past few weeks, this country’s businesses have had to make unprecedented changes to the way they deliver their services. One of those changes was affording their employees the ability to work from home. And while remote work is nothing new to this economy, it poses an issue when one day you may have a few thousand remote workers, and the very next you have a few hundred thousand. In this article I will attempt to break down the overall best practices, mitigating and transferring of cyber risks.
Let’s first take a look at how current risks may be exacerbated, or new risks introduced.
Authentication Methods
Phishing Larger Attack Surface
Vendor Management
Given people are not on-site for face-to-face interaction; authentication can become an issue.
Attackers are well-aware of the current plight of businesses. As such, phishing attacks will increase.
Employee devices are often less secure and/or have operating systems and applications that may not be approved by the company or updated regularly. This increases the attack surface of a business and introduces new attack vectors to internal networks.
While the supply chain is already a target for hackers; the increase in remote workers is directly proportionate to the likelihood of a breach occurring within a partner’s network.
AUTHENTICATION METHODS
The lack of face-to-face interaction should not be a deterrent for good cyber security practices. Businesses should implement multi-factor authentication solutions as well as monitoring of access and ensuring strong passwords to mitigate this risk.
PHISHING
If you have not been conducting regular phishing campaigns, this would be a great time to start training your workforce. Implementing good Anti-Virus with good anti-phishing functionality is a must. NexGen (Next Generation) Anti-Virus would be preferred.
LARGER ATTACK SURFACE
With the attack surface of your business now having increased both unexpectedly and exponentially – it is imperative to implement strong endpoint protection. But that is not enough. Businesses must also consider implementing VPNs and ensure their perimeter devices such as firewalls, intrusion detection and intrusion protection devices are configured properly.
VENDOR MANAGEMENT
It has been widely reported that hackers love to leverage partnerships. Third party vendor networks are often less secure. As such, these are favorites among hackers who want to target larger corporations. It is therefore important to vet these partners with much more scrutiny. Given your attack surface has increased, third party vendors add another layer of complexity with regards to attack vectors. Businesses should have a process whereby they can thoroughly assess vendors (both technically and procedurally). You should have methods in place to scan a partners’ network to determine their security posture and security questionnaires that should be mandatory to complete. These should include questions to assess a vendor’s preparedness for remote workers.
RISK TRANSFERENCE
Do you have a good cyber insurance plan that includes remote workers? GET ONE!
What should businesses do?
CONCLUSION
It is a new day in America. More and more workers are working from home. However, we never know when a disaster or global pandemic will change life as we know it. The success of a business will be determined by how prepared it is to shift. Those affected most by the COVID- 19 coronavirus are the SMBs (Small to Mid-Size Businesses). Many of these businesses do not have the resources for a fully staffed data security team. However, implementing and adhering to the information presented in this article will (at least) give businesses a solid foundation from which to start.
ABOUT RISKVERSITY
At RiskVersity, we are able to provide services that identifies, manages and prepares our clients for their risks. We mitigate risks through our Fractional Chief Risk Officer, Employment Practices, Fractional Chief Learning Architect and Fractional CISO (Chief Information Security Officer) offerings. We enable organizations to leverage our expertise on a monthly retainer basis or hourly to ensure the protection of their assets and security of their data with a team of experts at a fraction of what it would cost to staff one of those areas of expertise.
ABOUT THE AUTHOR
Mitchell L. Harris Jr. is a leader in cybersecurity offering an extensive background in the field. With more than 25 years of experience in information technology and ten years within the Federal Government’s Intelligence communities, Mitch is an accomplished cyber security expert, computer forensics analyst, and digital investigator. His expertise has been leveraged by the FBI, CIA, Secret Service, and The Department of Justice. As a military veteran and subject matter expert to the U.S. Government in matters of national security, terrorism, intelligence, and criminal cases – Mitch has led teams and operations ensuring the security of our nation’s most valuable assets.