Impact of the Hybrid Workforce on Cybersecurity
Remote working has become commonplace for organizations of all sizes and shapes since the beginning of the COVID-19 pandemic. This change has created significant work from home cybersecurity risks. As such, organizations and employees must understand essential security tips to successfully adapt to this way of working and minimize the security risks associated with remote working.
As companies rushed to deploy cybersecurity for remote workers in March 2020, cyber criminals also took action. Hackers took advantage of the increase in security gaps created when many organizations failed to follow remote work security best practices.
For example, INTERPOL, in its assessment of COVID-19’s impact on cyber crime, found a significant increase in the number of critical infrastructure, governments, and large organizations targeted by hackers. Between January and April 2020, it detected 48,000 malicious Uniform Resource Locators (URLs), 907,000 spam messages, and 737 malware incidents related to COVID.
These figures reinforce the need for organizations to continually train their staff on how to maintain security when employees work remotely.
Types of Security Risks with Work From Home
When employees use unsecured networks and devices to perform their jobs, such as free Wi-Fi networks, they leave gaps in cybersecurity for criminals to exploit. Significant security issues with working remotely include:
Ransomware is a type of malware in which cyber criminals lock or block users’ access to their own data or devices. Hackers typically seize control of a machine then threaten to delete, destroy, or publish data unless their ransom demand is paid.
The primary objective of ransomware is to extort or scam victims. They are often spread through phishing emails containing malicious attachments that infect a device and then encrypt files or even entire devices. Other ransomware attacks use social engineering or drive-by downloading, which sends victims to spoofed websites that install malicious material onto their machines.
One of the biggest threats to companies’ remote workforces is the ongoing use of weak, insecure, or recycled passwords and login credentials. Failure to use secure passwords negates cybersecurity software and tools like firewalls and virtual private networks (VPNs).
Hackers can now use software to help them crack account passwords and access sensitive corporate information. For example, they can compile vast lists of common passwords to access accounts or write code that uses multiple password variants to guess login combinations successfully. Another common approach is to use passwords they know someone has used for one account, such as a personal email or social networking site, to try and access their corporate account logins.
Remote-based workers are likely to use file-sharing services to send documents and files to their colleagues. These files, when stored on corporate networks, are likely to be protected through encryption. However, when shared remotely, the same level of security may not apply.
Sharing sensitive information through file-sharing tools can leave data vulnerable to being intercepted or stolen by hackers — especially while data is in transit. The loss of sensitive corporate data can result in security events like data theft, identity fraud, and ransomware attacks.
Corporate Wi-Fi networks are typically secure because they are protected by secure firewalls that monitor and block malicious traffic. However, remote-based employees may connect to corporate networks and systems from unsecured Wi-Fi networks.
For example, most people routinely update their smartphone firmware or antivirus software but rarely do so on their home routers. This can leave their home network vulnerable to a data breach that, in turn, risks the security of corporate data.
One of the most significant security risks of remote working is using personal devices to connect to corporate networks and systems. These devices often do not have the same level of cybersecurity as a corporate computer or laptop. Personal smartphones often do not use encryption to protect personal data, and home printers can leave security gaps that can be exploited by hackers.
Employee Awareness and Training on Security Threats with Work From Home
Organizations’ employees are the first line of defense in preventing security threats with work from home environments. Employers must provide training to increase employees' awareness of the dangers they face and the potential signs of a cyberattack.
Ensuring a clear understanding of how to maintain security when employees work remotely entails educating users on the need to constantly watch out for potential phishing scams. This means avoiding links and attachments in emails, especially messages that come from unrecognized or unusual senders.
Additional security tips include:
- Using comprehensive antivirus software to secure devices used for work and that connect to a home Wi-Fi network
- Securing devices with encryption
- Covering laptop webcams and removing external webcams
- Using a ZTNA solution to access applications safely and securely
- Using secure, strong, and unique passwords
- Avoiding the use of software that has not been approved or licensed by the organization
- Keeping devices and their software and operating systems updated
- Using authentication applications and technologies
- Remaining aware of screen activity on video calls
How to Stay Secure: Best Practices and Technologies
Home-based workers can stay secure and protect their personal and corporate data by following established remote work security best practices.
Best security practices for working from home employees
The following cybersecurity best practices will help employees keep their devices and networks safe from cyber criminals:
Secure home networking
Home networking is inherently less secure than networks that employees connect to in a corporate office. Wi-Fi routers come with a default password that is often relatively easy for hackers to crack. Remote workers should set a unique password, which they can easily amend through the router's settings page by typing the router's address, such as "192.168.1.1,” in their web browser. This also enables users to change the name of the network—or service set identifier (SSID)—to make it more difficult for a hacker to identify and access the network.
Home networking should also be strengthened with network encryption, which can be changed in the security settings of the router’s wireless configuration page. The most robust encryption setting on most routers is Wi-Fi Protected Access 2 (WPA2). Further steps to strengthen Wi-Fi include limiting access to specific media access control (MAC) addresses. The router should also always run the latest firmware version available.
Antivirus software helps ensure remote worker security. Cyber criminals target home networks using advanced attack vectors like distributed denial-of-service (DDoS), malware, ransomware, and spyware. Antivirus software helps fight these threats by automatically detecting, identifying, and preventing viruses, phishing scams, and zero-day attacks from penetrating the network.
A comprehensive antivirus solution is equipped with automatic updates so it is aware of and prevents the latest emerging security threats. In turn, it allows organizations to automatically secure remote work devices and workers.
Use internet security software
In addition to antivirus, remote workers should deploy comprehensive internet security software—such as products like cloud backup, identity theft protection, password managers, secure web browsers, and VPNs—to protect their devices.
Use strong and secure passwords
Every account must have a unique password that has not been used for any other service, is at least 12 characters long, and uses a combination of letters, numbers, and special symbols. Users should also consider a password manager, which allows them to use more robust, unique passwords for their many accounts without having to remember them all.
Practice email security
The vast amount of cyberattacks come through email, so it is crucial to have email security in place to protect employees’ communication with colleagues, customers, and partners when working from home. This includes ensuring email accounts are only accessed via a VPN, which encrypts users’ connections, devices, and data in transit. Users also need to remain vigilant by understanding the characteristics of phishing emails and avoiding links and attachments in messages.
Top technologies that improve organization's cybersecurity in the COVID Era
The COVID pandemic accelerated the need for organizations to deploy solutions and tools that help employees work from anywhere as securely as they did in the office. Work-from-anywhere cybersecurity tips for employers include:
Identity management and authentication
Relying on passwords alone is no longer enough to keep cyber criminals at bay. Instead, users need to add an extra layer of security to their online accounts by using identity management tools like two-factor authentication (2FA) or multi-factor authentication (MFA). These tools use various authentication methods, such as one-time passwords (OTPs), which verify a user’s identity and ensure a hacker cannot access an online account even if they manage to steal the password.
Endpoint security solution
Endpoint security solutions protect every endpoint connected to an organization’s IT infrastructure. Actions they perform include:
- Providing organizations with enhanced visibility of all the devices across their networks
- Enabling advanced protection and dynamic access control
- Detecting and blocking security threats in real time
- Automating and orchestrating timely responses
- Supporting security incident investigation and management
Zero-trust network access (ZTNA)
As the hybrid workforce continues to work from anywhere, the continuous verification of all users and devices as they access corporate applications and data is required. Zero Trust Network Access (ZTNA) protects networks and applications, network administrators by implementing a zero-trust access.
Data loss prevention
Remote work increases the risk of data being lost or stolen during cyberattacks. Data loss prevention (DLP) tools enable organizations to detect and prevent data breaches, accidental data sharing, and malicious theft. They block sensitive data from being extracted by unauthorized entities, which is crucial to internal security and complying with increasingly stringent data privacy regulations.
User behavioral analytics (UBA)
With employees working from disparate locations, it is more important than ever for organizations to understand what they are doing. User behavior analytics (UBA) allows businesses to keep tabs on the applications users launch, their network activity, the files they access, and the emails they have sent. UBA also analyzes how frequently users carry out specific tasks and searches for usage patterns that can indicate suspicious or malicious behavior.
Security information and event management (SIEM)
SIEM helps organizations mitigate the ever-increasing volume of threats they face daily. The technology allows businesses to keep pace with the growing deluge of malicious activity, as well as triage and investigate alerts relating to suspicious behavior. SIEM solutions analyze security events to enable rapid threat detection and response.
Encryption secures data on corporate networks and communications between remote-based employees. It transforms data into a ciphertext that can only be read or deciphered by the sender and their intended recipient. This ensures that a cyber-criminal cannot read the original data, even if they manage to intercept it. Encryption also helps organizations ensure data authentication and integrity as it can prove that data has not been altered from its original state.
How Fortinet Can Help?
Fortinet helps organizations secure their remote workforces with a range of industry-leading cybersecurity solutions. This includes Fortinet Linksys HomeWRK, a secure network specifically designed for employees’ home offices. The solution provides an enterprise-grade firewall that ensures secure, reliable network connections and advanced Wi-Fi connectivity that is ideal for remote collaboration and communication.
Fortinet FortiAuthenticator enables users to protect their online accounts and corporate logins with secure 2FA and single sign-on (SSO) capabilities. Fortinet also enables remote workers to browse the internet securely with its FortiSASE service. It provides FWaaS and Secure Web Gateway capabilities that protect remote users while accessing the internet.
The Fortinet Zero-Trust Access (ZTA) framework uses a tightly integrated collection of security solutions that enable IT security teams to identify and classify every user and device seeking network access, assess their state of compliance with internal security policies, and automatically assign them to zones of control, and then continuously monitor them, both on and off the network.