Work from Home: Evolving Cybersecurity Risks

When employees use unsecured networks and devices to perform their jobs, such as free Wi-Fi networks, they leave gaps in cybersecurity for criminals to exploit. Significant security issues with working remotely include: 

Ransomware is a type of malware in which cyber criminals lock or block users’ access to their own data or devices. Hackers typically seize control of a machine then threaten to delete, destroy, or publish data unless their ransom demand is paid.

The primary objective of ransomware is to extort or scam victims. They are often spread through phishing emails containing malicious attachments that infect a device and then encrypt files or even entire devices. Other ransomware attacks use social engineering or drive-by downloading, which sends victims to spoofed websites that install malicious material onto their machines.

One of the biggest threats to companies’ remote workforces is the ongoing use of weak, insecure, or recycled passwords and login credentials. Failure to use secure passwords negates cybersecurity software and tools like firewalls and virtual private networks (VPNs). 

Hackers can now use software to help them crack account passwords and access sensitive corporate information. For example, they can compile vast lists of common passwords to access accounts or write code that uses multiple password variants to guess login combinations successfully. Another common approach is to use passwords they know someone has used for one account, such as a personal email or social networking site, to try and access their corporate account logins. 

Remote-based workers are likely to use file-sharing services to send documents and files to their colleagues. These files, when stored on corporate networks, are likely to be protected through encryption. However, when shared remotely, the same level of security may not apply.

Sharing sensitive information through file-sharing tools can leave data vulnerable to being intercepted or stolen by hackers — especially while data is in transit. The loss of sensitive corporate data can result in security events like data theft, identity fraud, and ransomware attacks.

Corporate Wi-Fi networks are typically secure because they are protected by secure firewalls that monitor and block malicious traffic. However, remote-based employees may connect to corporate networks and systems from unsecured Wi-Fi networks. 

For example, most people routinely update their smartphone firmware or antivirus software but rarely do so on their home routers. This can leave their home network vulnerable to a data breach that, in turn, risks the security of corporate data.

One of the most significant security risks of remote working is using personal devices to connect to corporate networks and systems. These devices often do not have the same level of cybersecurity as a corporate computer or laptop. Personal smartphones often do not use encryption to protect personal data, and home printers can leave security gaps that can be exploited by hackers.

Home-based workers can stay secure and protect their personal and corporate data by following established remote work security best practices. 

The following cybersecurity best practices will help employees keep their devices and networks safe from cyber criminals:

Home networking is inherently less secure than networks that employees connect to in a corporate office. Wi-Fi routers come with a default password that is often relatively easy for hackers to crack. Remote workers should set a unique password, which they can easily amend through the router's settings page by typing the router's address, such as "192.168.1.1,” in their web browser. This also enables users to change the name of the network—or service set identifier (SSID)—to make it more difficult for a hacker to identify and access the network.

Home networking should also be strengthened with network encryption, which can be changed in the security settings of the router’s wireless configuration page. The most robust encryption setting on most routers is Wi-Fi Protected Access 2 (WPA2). Further steps to strengthen Wi-Fi include limiting access to specific media access control (MAC) addresses. The router should also always run the latest firmware version available. 

Antivirus software helps ensure remote worker security. Cyber criminals target home networks using advanced attack vectors like distributed denial-of-service (DDoS), malware, ransomware, and spyware. Antivirus software helps fight these threats by automatically detecting, identifying, and preventing viruses, phishing scams, and zero-day attacks from penetrating the network. 

A comprehensive antivirus solution is equipped with automatic updates so it is aware of and prevents the latest emerging security threats. In turn, it allows organizations to automatically secure remote work devices and workers.

In addition to antivirus, remote workers should deploy comprehensive internet security software—such as products like cloud backup, identity theft protection, password managers, secure web browsers, and VPNs—to protect their devices.

Every account must have a unique password that has not been used for any other service, is at least 12 characters long, and uses a combination of letters, numbers, and special symbols. Users should also consider a password manager, which allows them to use more robust, unique passwords for their many accounts without having to remember them all.

The vast amount of cyberattacks come through email, so it is crucial to have email security in place to protect employees’ communication with colleagues, customers, and partners when working from home. This includes ensuring email accounts are only accessed via a VPN, which encrypts users’ connections, devices, and data in transit. Users also need to remain vigilant by understanding the characteristics of phishing emails and avoiding links and attachments in messages.

The COVID pandemic accelerated the need for organizations to deploy solutions and tools that help employees work from anywhere as securely as they did in the office. Work-from-anywhere cybersecurity tips for employers include:

Relying on passwords alone is no longer enough to keep cyber criminals at bay. Instead, users need to add an extra layer of security to their online accounts by using identity management tools like two-factor authentication (2FA) or multi-factor authentication (MFA). These tools use various authentication methods, such as one-time passwords (OTPs), which verify a user’s identity and ensure a hacker cannot access an online account even if they manage to steal the password.

Endpoint security solutions protect every endpoint connected to an organization’s IT infrastructure. Actions they perform include:

• Providing organizations with enhanced visibility of all the devices across their networks
• Enabling advanced protection and dynamic access control
• Detecting and blocking security threats in real time
• Automating and orchestrating timely responses
• Supporting security incident investigation and management

As the hybrid workforce continues to work from anywhere, the continuous verification of all users and devices as they access corporate applications and data is required.  Zero Trust Network Access (ZTNA) protects networks and applications, network administrators by implementing a zero-trust access. 

Remote work increases the risk of data being lost or stolen during cyberattacks. Data loss prevention (DLP) tools enable organizations to detect and prevent data breaches, accidental data sharing, and malicious theft. They block sensitive data from being extracted by unauthorized entities, which is crucial to internal security and complying with increasingly stringent data privacy regulations. 

With employees working from disparate locations, it is more important than ever for organizations to understand what they are doing. User behavior analytics (UBA) allows businesses to keep tabs on the applications users launch, their network activity, the files they access, and the emails they have sent. UBA also analyzes how frequently users carry out specific tasks and searches for usage patterns that can indicate suspicious or malicious behavior.

SIEM helps organizations mitigate the ever-increasing volume of threats they face daily. The technology allows businesses to keep pace with the growing deluge of malicious activity, as well as triage and investigate alerts relating to suspicious behavior. SIEM solutions analyze security events to enable rapid threat detection and response.

Encryption secures data on corporate networks and communications between remote-based employees. It transforms data into a ciphertext that can only be read or deciphered by the sender and their intended recipient. This ensures that a cyber-criminal cannot read the original data, even if they manage to intercept it. Encryption also helps organizations ensure data authentication and integrity as it can prove that data has not been altered from its original state.