Impact of Remote Working on Cybersecurity
Remote working has become commonplace for organizations of all sizes and shapes over the last 18 months, in turn creating significant work-from-home cybersecurity risks. As such, organizations and employees must understand essential work-from-home security tips to successfully adopt new ways of working and minimize the security risks associated with remote working.
As companies rushed to deploy cybersecurity for remote workers when the COVID-19 pandemic broke out in March 2020, cyber criminals also took action. Hackers took advantage of the increase in security gaps created by many organizations' failure to follow remote work security best practices.
For example, INTERPOL, in its assessment of COVID-19’s impact on cyber crime, found a significant increase in the number of critical infrastructure, governments, and large organizations targeted by hackers. Between January and April 2020, it detected 48,000 malicious Uniform Resource Locators (URLs), 907,000 spam messages, and 737 malware incidents related to COVID.
These figures reinforce the need for organizations to continually train their staff on how to maintain security when employees work remotely.
Types of Security Risks When Working From Home
When employees use unsecured networks and devices to perform their jobs, such as free Wi-Fi networks, they leave gaps in cybersecurity for criminals to exploit. Significant security issues with working remotely include:
Remote workforces are at significant risk of falling victim to sophisticated phishing schemes. These involve hackers posing as legitimate senders of emails, texts, or social media messages to trick their targets into giving up sensitive information or login credentials to online accounts. Cyber criminals use this information to steal more personal data and commit broader crimes like identity theft or fraud.
The increasing sophistication of phishing emails makes it more likely for messages to bypass spam filters and more difficult for recipients to detect malicious messages.
Ransomware is a type of malware in which cyber criminals lock or block users’ access to their own data or devices. Hackers typically seize control of a machine then threaten to delete, destroy, or publish data unless their ransom demand is paid.
The primary objective of ransomware is to extort or scam victims. They are often spread through phishing emails containing malicious attachments that infect a device then encrypt files and even entire devices. Other ransomware attacks use social engineering or drive-by downloading, which sends victims to spoofed websites that install malicious material onto their machines.
One of the biggest threats to companies’ remote workforces is the ongoing use of weak, insecure, or recycled passwords and login credentials. Failure to use secure passwords negates cybersecurity software and tools like firewalls and virtual private networks (VPNs).
Hackers can now use software to help them crack account passwords and access sensitive corporate information. For example, they can compile vast lists of common passwords to access accounts or write code that uses multiple password variants to guess login combinations successfully. Another common approach is to use passwords they know someone has used for one account, such as a personal email or social networking site, to try and access their corporate account logins.
Remote-based workers are likely to use file-sharing services to send documents and files to their colleagues. These files, when stored on corporate networks, are likely to be protected through encryption. However, when shared remotely, the same level of security may not apply.
Sharing sensitive information through file-sharing tools can leave data vulnerable to being intercepted or stolen by hackers, especially while data is in transit. The loss of sensitive corporate data can result in security events like data theft, identity fraud, and ransomware attacks.
Corporate Wi-Fi networks are typically secure because they are protected by secure firewalls that monitor and block malicious traffic. However, home-based employees may connect to corporate networks and systems from unsecured Wi-Fi networks.
For example, most people routinely update their smartphone firmware or antivirus software but rarely do so on their home routers. This can leave their home network vulnerable to a data breach that, in turn, risks the security of corporate data.
One of the most significant security risks of remote working is using personal devices to connect to corporate networks and systems. These devices often do not have the same level of cybersecurity as a corporate computer or laptop. Personal smartphones often do not use encryption to protect personal data, and home printers can leave security gaps that can be exploited by hackers.
Employee Awareness and Training on Security Threats While Working From Home
Organizations’ employees are the first line of defense in preventing security threats when working from home. Employers must provide training to increase employees' awareness of the dangers they face and the potential signs of a cyberattack.
Ensuring a clear understanding of how to maintain security when employees work remotely entails educating users on the need to constantly watch out for potential phishing scams. This means avoiding links and attachments in emails, especially messages that come from unrecognized or unusual senders.
Additional work-from-home security tips include:
- Using comprehensive antivirus software to secure devices used for work and that connect to a home Wi-Fi network
- Securing devices with encryption
- Covering laptop webcams and removing external webcams
- Using a secure Wi-Fi network and considering strengthening browsing security with a VPN
- Using secure, strong, and unique passwords
- Avoiding the use of software that has not been approved or licensed by the organization
- Keeping devices and their software and operating systems updated
- Using authentication applications and technologies
- Remaining aware of screen activity on video calls
How To Stay Secure: Best Practices and Technologies
Home-based workers can stay secure and protect their personal and corporate data by following established remote work security best practices.
Best Security Practices for Working From Home
The following remote work cybersecurity best practices will help employees keep their devices and networks safe from cyber criminals:
Secure Home Wi-Fi
Home Wi-Fi is inherently less secure than networks that employees connect to in a corporate office. Wi-Fi routers come with a default password that is often relatively easy for hackers to crack. Remote workers should set a unique password, which they can easily amend through the router's settings page by typing the router's address, such as "192.168.1.1,” in their web browser. This also enables users to change the name of the network—or service set identifier (SSID)—to make it more difficult for a hacker to identify and access the network.
Home Wi-Fi should also be strengthened with network encryption, which can be changed in the security settings of the router’s wireless configuration page. The most robust encryption setting on most routers is Wi-Fi Protected Access 2 (WPA2). Further steps to strengthen Wi-Fi include limiting access to specific media access control (MAC) addresses. The router should also always run the latest firmware version available.
Antivirus software helps ensure remote worker security. Cyber criminals target home networks using advanced attack vectors like distributed denial-of-service (DDoS), malware, ransomware, and spyware. Antivirus software helps fight these threats by automatically detecting, identifying, and preventing viruses, phishing scams, and zero-day attacks from penetrating the network.
A comprehensive antivirus solution is equipped with automatic updates so it is aware of and prevents the latest emerging security threats. In turn, it allows organizations to automatically secure remote work devices and workers.
Use Internet Security Software
In addition to antivirus, home workers should deploy comprehensive internet security software—such as products like cloud backup, identity theft protection, password managers, secure web browsers, and VPNs—to protect their devices.
Use Strong and Secure Passwords
Every account must have a unique password that has not been used for any other service, is at least 12 characters long, and uses a combination of letters, numbers, and special symbols. Users should also consider a password manager, which allows them to use more robust, unique passwords for their many accounts without having to remember them all.
Practice Email Security
The vast amount of cyberattacks come through email, so it is crucial to have email security in place to protect employees’ communication with colleagues, customers, and partners when working from home. This includes ensuring email accounts are only accessed via a VPN, which encrypts users’ connections, devices, and data in transit. Users also need to remain vigilant by understanding the characteristics of phishing emails and avoiding links and attachments in messages.
Top Technologies That Improve Organization's Cybersecurity in the COVID Era
The COVID pandemic accelerated the need for organizations to deploy solutions and tools that help employees work from home as securely as they did in the office. Work-from-home cybersecurity tips for employers include:
Identity Management and Authentication
Relying on passwords alone is no longer enough to keep cyber criminals at bay. Instead, users need to add an extra layer of security to their online accounts by using identity management tools like two-factor authentication (2FA) or multi-factor authentication (MFA). These tools use various authentication methods, such as one-time passwords (OTPs), which verify a user’s identity and ensure a hacker cannot access an online account even if they manage to steal the password.
Virtual Private Networks
VPNs secure remote workers’ data and devices while they browse the internet. They establish an encrypted connection that secures data in transit, which is especially important when employees connect to inherently insecure public Wi-Fi networks.
VPNs also help reduce the risk of attacks, such as man-in-the-middle (MITM) attacks, as they make it more difficult for a hacker to snoop on internet traffic and intercept users’ activity. They also enable users to hide their location and block an internet provider from monitoring their activity.
Endpoint Security Solution
Endpoint security solutions protect every endpoint connected to an organization’s IT infrastructure. Actions they perform include:
- Providing organizations with enhanced visibility of all the devices across their networks
- Enabling advanced protection and dynamic access control
- Detecting and blocking security threats in real time
- Automating and orchestrating timely responses
- Supporting security incident investigation and management
Data Loss Prevention
Remote work increases the risk of data being lost or stolen during cyberattacks. Data loss prevention (DLP) tools enable organizations to detect and prevent data breaches, accidental data sharing, and malicious theft. They block sensitive data from being extracted by unauthorized entities, which is crucial to internal security and complying with increasingly stringent data privacy regulations.
User Behavioral Analytics (UBA)
With employees working from disparate locations, it is more important than ever for organizations to understand what they are doing. User behavior analytics (UBA) allows businesses to keep tabs on the applications users launch, their network activity, the files they access, and the emails they have sent. UBA also analyzes how frequently users carry out specific tasks and searches for usage patterns that can indicate suspicious or malicious behavior.
Security Information and Event Management (SIEM)
SIEM helps organizations mitigate the ever-increasing volume of threats they face daily. The technology allows businesses to keep pace with the growing deluge of malicious activity, as well as triage and investigate alerts relating to suspicious behavior. SIEM solutions analyze security events to enable rapid threat detection and response.
Encryption secures data on corporate networks and communications between remote-based employees. It transforms data into a ciphertext that can only be read or deciphered by the sender and their intended recipient. This ensures that a cyber criminal cannot read the original data, even if they manage to intercept it. Encryption also helps organizations ensure data authentication and integrity as it can prove that data has not been altered from its original state.