In the wake of the COVID-19 pandemic, it is becoming more apparent that remote working is here to stay.
Fortinet’s recently released Work-from-Anywhere Global Study surveyed 570 companies and found that 60% still have employees working from home, whilst 55% of their workforce are embracing a hybrid work strategy.
NSI Global recognises this departure from the corporate office has created new security risks that have caught many organisations unprepared. Fortinet’s study revealed that 62% of companies surveyed were the victims of a data breach they could at least partially attribute to these new vulnerabilities created by the migration to unsecure premises and the insufficient security protocols of these remote work employees over the past 2 or 3 years.
With this alarmingly high rate of breaches, it is exceedingly clear that these work from home vulnerabilities are being aggressively exploited by threat actors to gain access to commercially sensitive information.
Understanding the Security Risks of Remote Working
Corporate espionage has had a year-on-year rise since 2012, with accelerated increases since the pandemic. Moreover, focusing on just cyber security leaves a gap wide open and allows for a physical attack. Many work from home offices have been inadequately assessed to ensure the security of private conversations, proprietary information, and commercially sensitive data flowing from the private residence to the corporate offices.
One of the biggest challenges of securing decentralized working environments is the limited visibility organizations have over users’ home environments, branch offices, and off-site locations. This lack of visibility makes it unclear who owns what assets, and enforcing zero trust access controls and deploying patches to devices becomes much harder. This underscores the need for companies to invest in cutting-edge proactive strategies that can mitigate the risks associated with remote working.
Not checking the physical security of your work from home premises allows for a significantly greater risk for an attacker to gain access, install illegal listening devices or cameras, then collect the data off site. An attacker can also set up outside of a premises such as a home or apartment and point a laser microphone to a window of an employee, and listen in on their conversations, online meetings, and so on. This is why it is imperative that a security risk assessment is conducted at the homes of employees that handle sensitive information.
In a corporate office environment, there are effective systems in place such as firewalls, intrusion detection systems, and other cyber security systems as well as technical inspections to safe guard against physical intrusions and remote surveillance through the use of hidden device and external surveillance and listening posts. In most cases, these systems and the security of the corporate workplace benefit from conducting a technical surveillance counter measures bug sweep and cyber and physical penetration tests to find illegal hidden surveillance devices, vulnerabilities in computer network infrastructures, and weaknesses in cyber security protocols that would allow an attacker to gain access to a network.
Despite the fact that the majority of organizations have yet to mitigate the risks associated with remote working, the report did reveal that CISOs and security leaders are taking proactive steps to enhance their cyber resilience. This includes investing in proactive measures designed to bolster their security posture and minimize the threat of breaches in the future.
NSI Global Recommends the following practices be implemented for the work-from-home user:
- Conduct a risk assessment to identify all potential risks and vulnerabilities associated with the home office setup, including physical access, hardware, software, and network devices.
- Evaluate the strength and effectiveness of current cyber security measures in place, such as firewalls, antivirus software, and encryption protocols.
- Develop a comprehensive security plan that addresses identified risks and vulnerabilities and outlines specific measures for preventing or mitigating security incidents.
- Train and educate the home office user on security best practices, such as password management, phishing awareness, and data backup strategies.
- Backup your data regularly: Store securely to an external drive and disconnect from your main system.
- In instances where valuable and commercially sensitive data is accidentally deleted or lost, do not use common data recovery software as the act of new software installation on the system poses a risk of overwriting the same deleted data.
- Engage the services of a digital forensic data recovery specialist to ensure your data is recovered safely without the risk of being overwritten.
- Enable Multi-Factor Authentication (MFA): Use MFA to add an extra layer of security to your accounts and systems. MFA can prevent unauthorized access even if an attacker has your username and password.
- Implement a zero-trust architecture for the home office to ensure that all users, devices, and applications are authenticated and authorized before accessing any resources, and continuously monitor and verify their access throughout the session.
- Use reputable antivirus and anti-malware software: Keep it up to date to guard against known ransomware threats.
- Enable firewalls: Prevent unauthorized access and prevent ransomware communication with servers.
- Stay cautious of suspicious emails and attachments: Verify the sender’s identity and do not open attachments or click links from unknown sources.
- Keep software and operating systems up to date: Patch known vulnerabilities that ransomware attackers exploit.
- Use a Virtual Private Network (VPN): Encrypt your internet traffic and protect your network from potential ransomware attacks.
- Use a cloud access security broker (CASB): Monitor and secure cloud applications and data, prevent unauthorized access, detect potential threats, and enforce security policies.
- Conduct remote penetration testing: Identify potential vulnerabilities and weaknesses in network security.
- Conduct digital forensic spyware assessments: Identify potential spyware or malware infections on the computer system.
- Conduct regular technical surveillance counter measures sweeps: Detect any potential eavesdropping devices or physical security threats in the home office environment.
- Regularly monitor and review the security posture of the home office, conducting periodic vulnerability scans and penetration testing to identify new or emerging threats.
Conducting a risk assessment and implementing a proactive risk management plan for the work-from-home offices of critical personnel is imperative to meet compliance requirements, protect your confidential information, and provides you with the assurance that your business is secure. For your peace of mind, contact NSI Global today.