Sayers Blog

Cybersecurity and Working From Home: Securing the Enterprise

The new normal, as it has been dubbed, is affecting all businesses. Regardless of their size or what industry they operate in, companies worldwide have been forced to adapt to working from home during the COVID-19 pandemic. There has certainly been a learning curve, as many companies were caught unprepared for this dramatic shift with rush-to-remote working.

 

In this post—which features information from Chris Willis that was presented during the recent Curio Virtual Tech Summit—we’ll be breaking down working from home, some of the current work from home risks, and what you need to know in order to create the ideal cybersecurity strategy to keep you and your remote workers safe from cybercriminals. 

 

Working From Home and the “New Normal”

We all remember the chaotic weeks in mid-March when sports were getting shut down, trips were being canceled, and businesses were telling employees to work from home for the time being. No one was quite sure when we’d all be going back to the offices. Some thought a couple of weeks perhaps, weeks turned into a few months then for the remainder of the year as some organizations told employees to plan on not coming back for the rest of 2020. The prospect of working from home into 2021 was quite a shock. However, as we near the end of 2020, that has been much of the case, especially with larger enterprise companies—who have either not had any employees back in the office or have done so in a very limited capacity with new protocols. 

 

For nearly a year, we’ve been learning to adapt. While the first several months were a “break the glass” situation, we’ve since handled things reasonably well. A Stanford study of 16,000 workers found that over nine months of working from home, their productivity increased by 13%; to many organizations' surprise. This fourth industrial revolution we’re currently in (steam, electricity, computing, and now connectivity) has allowed us to communicate very efficiently and effectively while away from our coworkers. In fact, there have been many benefits from the shift to working from home; such as the significant decrease in pollution, rapid digital transformation, online sales and home delivery conveniences, employees spending more time with their loved ones to name a few. 

 

Cybercrimes and Working From Home

The working from home movement has not come without its setbacks. Perhaps most notable are the effects of working from home is the cybercrime campaigns taking full advantage of the distracted and unprepared. Cybercrime has gone through the roof since the initial shutdown. Simply put, it’s more challenging to get a grasp on your cybersecurity controls and endpoints when they are scattered throughout homes all over the country as opposed to being more manageable within the corporate office behind secure enterprise infrastructure.

 

So, what’s the solution? Should businesses just weather the storm and hope that they aren’t the latest company to succumb to a malware attack? Definitely not. Not only are we still not out of the woods with the coronavirus, it will take a while to get back to where we were at or where the new normal will be, but the shift to working from home will long outlast this pandemic. Consider this, according to a CBRE study, the typical company in the U.S. spends upwards of $12,000 per employee per year on office space. Not only is it cheaper to have employees work from home, but they can still be as or more productive while doing so. 

 

While we will no doubt see employees return in some capacity post-COVID, many employees will continue to work from home. Therefore, companies must ensure that they have cybersecurity solutions in place for both employee environments; especially for the unknown home environments. 

 

So, what are the risks that come with working from home that businesses need to be aware of? 

Working From Home Risks

    • No enterprise visibility or control of the home network, Internet, wireless, or other systems outside of what is provided to the employee.
      • Vulnerable Routers, Firewalls, Equipment
      • Using default credentials
      • Peeping and snooping of non-corporate associates
    • IoT and other recreational and non-secure devices residing on the same network
    • Potential bandwidth issues from competing wifi devices at home (other spouse working from home, kids going through virtual learning).
    • BYOD (Bring Your Own Device) is in effect, with employees using their own possibly-unsecured devices to connect to applications of the enterprise.
    • Receiving phishing and email scams out of the office is different from receiving them in the office, and employees may be distracted and not as diligent.
    • When issues arise, it can be more difficult to troubleshoot with a help desk resource remotely to determine and resolve. 

 

Those are just a few of the potential risks that businesses must account for when creating a thorough cybersecurity plan that accommodates both in and out of office employees.

 

How to Create the Best Cybersecurity Plan For Your Business Going forward

In order to craft a winning cybersecurity plan with employees working from home, ask yourself the following questions about users, data and information, devices, locations, connectivity, and applications. 

 

Users

Organizations have many departments (Sales, Marketing, Accounting, Support, Technical, etc...), each running their own applications and having different approaches to how they use technology and contribute to the organization.  Organizations must not assume a one-size fits all approach and should consider how each resource can be successful, productive and secure in performing their duties.   Who are your users, user groups, and what do they require to be successful?

 

Data and Information

Whether it’s codes, recipes, patient health information, or any other sensitive data, here is the info you need to know to keep it safe.

    • Who is accessing it?
    • Why is it being accessed?
    • When is it being accessed?

 

Based on this information, you can go through the data discovery, classification, and protection process. 

 

Data discovery: Understanding what you have and where you have it is the first step.

Data classification: Classify the data so that it makes sense for the data creators, data consumers, and data managers.  Ensuring that it isn’t too specific where there are too many categories, but sufficient enough where it is manageable.

Data protection: Leveraging the various tools in place to secure access points to the data, such as applications, email, endpoints, networks, the cloud, etc.

 

What data do your users really need access to?  Don’t just give them application access, ensure it goes to the field level; least privilege. 

 

Devices

    • What device do you users/groups need?
    • Can they operate with BYOD?
    • Do they just need application access? 
    • Can they be productive on tablets and mobile devices?
    • Do they need multiple monitors and peripherals, how are you securing these external devices? 
    • Are you asset tracking all hardware, software and licensing?

 

Knowing this information can help you decide what direction your organization should move forward with.  Don’t be complacent with what you know and what you’ve been doing.  Leverage your consulting partners to better understand your options and new modern methods of device consumption and application access. In addition, you may decide to use a unified endpoint management solution (UEM) to keep things consistent regardless of platform. Another option is using Chrome Enterprise with ChromeBooks, allowing you to manage the entire enterprise very granularly through a web console. 

 

Locations

    • Where are users/groups working from?
    • Is there any consistency in where they are working from?
    • What is the environment like? 

 

Answering these questions will allow you to decide how best to perform continual employee security training to ensure confidentiality and how best to ensure that everyone is on the same page in terms of security.  You need to understand how to support the various locations types being used.

 

Connectivity

    • What type of connections are available for your users in the areas in which they live?
    • Have you considered 5G? 
    • Have you measured bandwidth requirements? 
    • What about latency or packet loss? 
    • Where are your users connecting? Data centers, cloud applications, etc.?

 

Potential strategies that come from investigating these questions include using a Secure Access Service Edge (SASE) or a Zero Trust Network Access (ZTNA) solution. SASE allows you to effectively secure the parameter of your network, while ZTNA allows employees to safely access an application regardless of where they are. 

 

Application

    • What applications are being used?
    • What access do they need?
    • Are the applications developed in-house?
    • How are they accessed?
    • Where are the applications being hosted? 

 

Once again, SASE and ZTNA solutions will be solutions to some of the issues that arise from application use throughout an organization with employees working from home.  Do your applications work as intended for those working from home with lower bandwidth, higher latency and various other circumstances.  Are applications integrated with secure authentication solutions and are they provided granular access for least privilege?

 

How the Cloud Fits into WFH Cybersecurity 

Many businesses make the mistake of not utilizing cloud security specific solutions, instead simply relying solely on the fact that their data is stored in a marquee organizations facility (somebody else’s datacenter). That won’t cut it. Instead, you need to invest in cloud security solutions, such as CASB (cloud access security broker), CSPM (cloud security posture management), and CWPP (cloud workload protection platform).  Cloud providers do not have comprehensive native cloud security controls that protect you, you need to bring, implement and optimize this important aspect.

 

Other strategies companies that utilize cloud solutions should use include: 

    • Consolating and implementing cloud-based accessible identity solutions.
    • Ensuring all applications authenticate to this solution.
    • Enforcing multi-factor authentication with contextual awareness (time, location, risk, function).



As you can see, there is a lot that will go into securing your network, endpoints, cloud and sensitive data for the new WFH age. To get started on creating a custom security plan that is tailored to the nuances of your business, reach out to Sayers today.