In honor of Cybersecurity Awareness Month, we examine the security and control issues that linger on as distributed workforces are here to stay.
It has been almost three years since the beginning of the pandemic that rocked the United States and the world. This pandemic disrupted essentially every normal routine, both personally and professionally. Businesses had to fundamentally change the way they operate and rapidly shift to remote work, sometimes with little or no preparation. Enabling individuals to work from home caused a plethora of issues for IT and infosec teams who, in some cases, had to immediately shift a majority of a company's workforce to work remotely. It sparked a lot of worry and some pressing questions:
- Could the current infrastructure withstand the new load being placed on it?
- Could the current infrastructure protect all these employees now working from home?
- Could the current infrastructure protect the internal network from external threats and attacks with the new amount of remote workers?
- Would the increase in remote workers bring down the network or cause it to run slower?
As COVID and the remote workforce it spawned linger on, there are still unresolved issues for many IT/IS teams.
Major concerns with remote work
As the pandemic unfolded, it exacerbated many long-standing security risks, including poor physical security practices in public spaces, weak passwords, unencrypted file sharing and more. But remote work amplified a few issues most prominently:
- Accessing sensitive data through unsafe Wi-Fi networks
- Use of personal devices for work
- Weakened security controls to improve usability and productivity
- Cyberattacks on remote-working infrastructure from constantly expanding threats
Unsafe wireless networks
Whether employees access corporate accounts using their home wireless networks or an unsecured public wireless network, there is cause for concern, as malicious actors could be spying on their connection to harvest information — even with the use of a VPN. The use of a VPN provides certain protections only if the employee is instructed to use it at all times. This is generally not the case, as many employees still connect to the internet without a VPN to “just” browse the web. This optional VPN use can have huge consequences, as employees surfing off the VPN are more vulnerable to cyberattacks.
The bring-your-own-device (BYOD) trend has been growing across the commercial space for some time. But many organizations are still not fully aware of the issues a BYOD policy involves, nor do they have strategies in place to counteract them.
While BYOD offers organizations potential cost savings, they often forfeit some control. Employees may not update their personal computers or keep their software up to date, which can open up security holes into the connected corporate environment. But the biggest issue with BYOD is that if an employee using a personal device for work leaves the organization, that device contains sensitive company information that the organization may not be able to erase.
Weak security controls
To rapidly enable remote work at the start of the pandemic, companies broke many of their own cybersecurity best practices. The principle of least privilege became the suggestion of least privilege, ports were opened in firewalls, and other security controls were generally weakened. While initially this was done as a last resort, some companies are still working to clean up the mess.
Companies weakened security controls in the wake of the pandemic to allow remote workers to take their work computers home and access the corporate network through their home networks. As the majority of companies require the use of a VPN to connect to their network, this offers some protection for users and the company. But even with VPNs in use, there are still concerns that the corporate network is less protected. The client devices used by employees may be unprotected and exposed while accessing unsecured networks; this could open the corporate infrastructure up to compromise from any number of threats and vulnerabilities.
Cyberattacks, threats and vulnerabilities
With remote work, one of the biggest concerns is cyberattacks, especially distributed denial-of-service (DDoS) and ransomware attacks.
A DDoS attack against a company could prevent remote workers from accessing the company’s infrastructure, bringing business operations to a standstill in a majority-remote workforce. Since the start of the pandemic, DDoS attacks have risen exponentially, taking advantage of the chaos of COVID, the cycles of holiday shoppers and global conflicts.
Ransomware also continues to be a thorn in security’s side, a constant threat capable of disrupting all facets of an organization. According to Malwarebytes, between March 2022 and August 2022, the LockBit ransomware group conducted roughly 430 known attacks across 61 different countries, including 128 attacks in the US alone. Malwarebytes also indicated that ransomware is not going anywhere, and the future of ransomware could only get worse. With “double extortion” and even “triple extortion” methods, where the ransomware groups steal credentials prior to encrypting them, attackers could still leak the information to make a profit even if the ransom isn’t paid.
Beyond attacks, the threats and vulnerabilities that have plagued cybersecurity professionals for years can now have a greater impact on an organization. This is due to the ease with which they can now enter an organization’s network through employees’ home networks, which may not have as robust security. Additionally, threat actors could find it easier to drop exploits that target known vulnerabilities on employee computers that are connected to unsecured or unprotected wireless networks. Lastly, with weaker security controls, there is the possibility that the security monitoring for the organization is either restricted or even deactivated.
How to mitigate risks of the remote workforce
In the remote workforce, the browser has become the essential application; unfortunately for IT, it’s where they have the least visibility and control, making it the organization’s greatest asset and its greatest liability. But by addressing the browser itself — rather than surrounding it with piecemeal solutions — IT can create a simplified approach to extending zero-trust architectures across all users, devices and locations.
Utilizing a cloud-based browsing environment like Silo for Safe Access can isolate the organization from web-borne threats when users browse the web or click email links, and enable IT to manage access to high-value apps from any network or device while safeguarding critical business data. With this approach, organizations can:
- Isolate apps, data and devices from malicious exploits wherever they reside
- Enforce control and oversight to prevent improper web use and avoid critical data loss
- Wire security into users' everyday workflows as their activity shifts across devices, networks and locations