Securing Your Remote Workforce From Cyber Threats: 2020 Edition

Joshua Skeens, CTO, November 6, 2019

 

The internet has revolutionized how we do business and changed the nature of the office. While employees were once required to be on-site, now more organizations than ever are offering remote work options. Unfortunately, remote workers present unique cybersecurity problems and could put your organization’s digital assets at risk.

What Makes Securing a Remote Workforce Hard?

Because remote employees aren’t working out of the office, they aren’t covered by your organization’s office-specific cybersecurity infrastructure. Most organizations spend hours crafting and refining complex systems and protocols to safeguard their digital assets, keep employees secure, and keep unauthorized users out.

Remote employees can inadvertently undermine even the most robust cybersecurity practices because they may be accessing company systems from their personal computers (which may not be as well protected as company-issued computers) or over unsecured internet connections. This potential degree of uncertainty and, in some cases, lack of control on behalf of the company, could put your entire organization at risk. 

In fact, 36% of surveyed organizations say they have experienced a security incident because of a remote worker’s actions.

What Threats Are Remote Workforces Particularly Vulnerable To?

Remote workers, and the organizations they work for, are particularly vulnerable to a wide number of cybersecurity threats. These include:

Phishing

Email phishing has been around almost as long as email has, and continues to compromise cybersecurity. Remote employees often rely more heavily on email and chat applications than their in-office counterparts, and if they aren’t trained properly, they may inadvertently fall for phishing scams and reveal sensitive information. 

Because remote employees are often accessing the organization’s network from personal devices as opposed to company-issued devices, which can be more easily monitored from both a logistical and privacy standpoint, your cybersecurity team may be less attuned to suspicious activity that is tied to a remote employee’s credentials. If your organization has employees around the world, cybercriminals logging on using compromised credentials outside of normal business hours may not be considered suspicious activity.

Social Engineering

Employees are the easiest path into an organization’s network, and at Cerdant, we have seen a marked increase in the number of social engineering attacks, particularly against remote workers. A cybercriminal may be able to trick a remote worker into providing access either via their login credentials or directly through their computer. 

If a remote employee has never met Linda from accounting, she may not realize that the person on the phone doesn’t sound like the real Linda at all, and happily hand over her login credentials and password to help “Linda” resolve a client’s billing issue. This lack of face-to-face interaction can make remote employees more vulnerable to social engineering attacks.

Compromised personal computers are also more likely to have less robust cybersecurity measures in place than company-issues computers, and can provide cybercriminals with easy access to sensitive systems and data. Even if the cybercriminal doesn’t gain access by manipulating the remote worker’s computer, they may be able to scrape the device for logins, passwords, and other data that they can then use to access company systems.

USB Access

When organizations institute a BYOD (bring your own device) policy, as is often the case with remote workers, the company no longer has control over the device’s security. That means that if a remote worker inserts a suspicious USB stick into their device, they could infect it with malware that may spread to the wider organization.

Public Wifi

As more remote workers choose to trade their home offices for coffee shops, co-working spaces, and restaurants, they are more likely to rely on public wifi to complete their tasks. However, unsecured public wifi networks are easily exploited by cybercriminals. 

Using Company Owned Devices for Personal Use

Many organizations have begun to allow flexible hours and work arrangements. Maybe John wants to take his company laptop home so that he can spend more time with his family or tend to his sick child while his spouse is at work. This arrangement is fine unless he begins to use the company laptop for personal use. 

If John is doing some online shopping and stumbles across an unsecured site, not only is his device potentially compromised, but any viruses or malware he may have inadvertently picked up could spread to the company’s servers or other users within the organization.

How to Bolster Your Remote Workforce’s Cybersecurity

Security Awareness

Even the most robust and comprehensive cybersecurity protocols, hardware, and software are only useful if your employees understand the importance of cybersecurity and the role they play in safeguarding your organization’s digital assets. 

Employees are the first line of defense and are often cyber criminals target of choice. That’s why all employees should undergo regular cybersecurity training, and employees who work remote either some or all of the time should receive additional training to address the unique cybersecurity vulnerabilities of remote work. Remote workers, in particular, need to be extra vigilant because they often can’t take advantage of all the cybersecurity protocols the company has in place to shield on-site workers.

EndPoint Software

Installing robust endpoint software can go a long way towards safeguarding your organization’s digital assets. Products such as Cylance and SentinelOne use machine learning to both secure your organization’s endpoints and allow you to effectively manage endpoint devices, whether they are in the office or not. Endpoint software can also allow organizations to shut down and disable compromised endpoints remotely, as well as disable any devices currently plugged into the compromised device. 

This means that if an employee plugs an infected USB stick into their work laptop, your organization can both shut down the laptop and disable the USB stick, preventing the spread of malware.

Client VPNs

Remote employees who choose to use public wifi should safeguard both their own devices and the company’s digital assets by installing a VPN (virtual private network). VPNs mask a device’s IP address, creating an encrypted connection between the remote worker and the company’s servers.

VPNs allow your employees to securely access your organization’s files and encrypt your employee’s traffic.

Spam Protection

Many organizations choose to have their internal mail hosted on the cloud, but too many of those organizations fail to implement spam protection services to safeguard their devices. Spam protection services such as Proofpoint and Mimecast can pre-filter suspicious (and potentially malicious) emails, making it less likely for employees to inadvertently fall for phishing scams or accidentally download malware.

Device Encryption

When employees work remotely, the chances of their devices being stolen increases exponentially. By encrypting the device’s contents and installing software that lets you wipe the device remotely, your company can safeguard the employee’s data and the organization’s data. Any devices that might leave the premises should be encrypted, and have remote wipe capabilities.

Steps Remote Workers Can Take to Improve Cybersecurity

Poorly trained or untrained employees are the biggest cybersecurity threat to any organization. To ensure your remote employees are equipped to play their role in safeguarding your organization’s digital assets, here are a few things every remote employee should be doing:

  • Ensure all remote employees follow the same cybersecurity policies and procedures as their in-office counterparts, and receive the same cybersecurity training.
  • Remote workers need to be extra vigilant when it comes to suspicious emails coming from unfamiliar sources. If you aren’t sure, the best thing you can do is pick up the phone and call the person who supposedly sent the email and verify the sender’s identity. You should also make sure you know what to do if you encounter a suspicious email, and whether or not there is someone you should be forwarding such emails to.
  • If you choose to work from a location that requires you to use public wifi, make sure you have a VPN set up to encrypt your data. If you aren’t sure how to set up a VPN, speak to your direct superior or reach out to the IT department.
  • If you choose to work in a public setting, never leave your device unattended. Even a quick trip to the register to buy a second cup of coffee is enough time for someone to steal your device or compromise it in some other way.
  • Never save sensitive information on your digital devices unless it is absolutely necessary. Try to save sensitive data in a more secure location, such as on the organization’s internal systems. Talk to your supervisor and the IT department and find out where you can store sensitive data safely. 

 

References

//threatpost.com/remote-workers-security/143153/

//us.norton.com/internetsecurity-privacy-what-is-a-vpn.html