Mass transfer of office personnel to remote work make it harder to maintain security. According to public sources, the number of targeted attacks on organizations has increased dramatically in recent days. In addition, it is expected that there will be a two-fold increase in data leaks from employees working remotely. Experts say the main danger of data theft comes from the employees themselves, as there is no strict control at home.
Unfortunately, antivirus software is not a sufficient measure for data protection in the current situation. They cannot protect against sophisticated social engineering methods, which fraudsters use. Attackers can send phishing mailings, attack RDP (Remote Desktop Protocol), compromise home equipment - routers or video cameras.
In addition, adoption of remote work may result in a situation that the responsible employees will not be able to respond to emerging threats in time, which is likely to increase the number of successful attacks.
Most IT and financial companies already know how to ensure data security during remote work, while companies that have not previously practiced this format will have to revise their approach to information security within a very short period of time.
It is not an easy task to apply a full set of corporate security features to employees' home networks, but there is a number of solutions to secure work from home.
Remote work security threats
Having a large number of staff working remotely can be a major change for organizations and create numerous challenges in terms of cybersecurity.
Unauthorized access to user's device with access to corporate network and data. Relatives can gain access to an unblocked user session.
Unauthorized data interception in communication channels from a remote workstation to the corporate network. The increased demand for remote access leads to a great potential for hackers to monitor and intercept traffic on the Internet. The analysis of data, protocols used, technologies and versions of VPNs is their field of activity.
Malicious software on user’s PC, or hacked software containing various backdoors; the lack of anti-virus protection and firewalls.
The potential possibility of losing or compromising login credentials to the corporate network; or loss of the device from which user access corporate network.
How to reduce security risks
Ensure endpoint protection for home users. It is recommended to provide employees with corporate devices, which have the necessary operating system, software and information security features that comply with company security policies. Configure these services – data transfer using Virtual Private Network technology (VPN), email encryption for corporate document management.
Make sure that the devices have the latest operating system and software versions. If necessary, upgrade to the latest versions to minimize the possible risks of vulnerabilities not resolved by vendor.
All home employees must use an antivirus tool on the devices that access corporate resources. Antivirus should always be enabled, as well as automatic updates to antivirus databases. Configure the scheduled scan of your system files to be launched. If possible, use an antivirus with firewall functions. This will help detect malware before it can damage the system.
Implement two-factor authentication (2FA). Passwords used to access corporate services must be complex and difficult to decrypt in order to avoid detection. Multi-factor authentication helps to confirm that the connection is requested by the “right” user and is not a fraud attempt. With this authentication system to verify user access to company data, you can more effectively secure access to VPNs, employee logins for corporate portals and resources, and cloud applications. It can even help you comply with data protection requirements.
Provide a Virtual Private Network. VPN service establish secure encrypted connection between the user’s device and corporate network to provide more privacy. With VPN service employees can securely perform any tasks on weak networks, including paying bills, downloading sensitive data, sending emails, etc.
Firewall systems, whether virtual or physical, are the first line of defense in corporate network security. These systems monitor inbound and outbound traffic and decide whether to block or allow certain traffic based on a set of policies previously defined. These systems are therefore key elements in protecting the corporate network, especially when you consider the additional traffic generated by remote employees to create a barrier between protected, controlled and reliable internal networks and less reliable external networks.
Monitor data transfer. During the quarantine period, it is extremely important not only to transfer employees to home office, but also to introduce adequate metrics and personnel control systems together with data protection tools. By implementing monitoring systems with DLP-component you will be able to track employee's actions: surfing the Internet; activity in a variety of CRM and ERP; copying data to flash drives, clouds and mail; accessing critical documents and so on. With DLP, business can not only reliably protect data, but also control employees’ working hours.
Educate your employees. Inform remote staff about all do’s and don’ts of cyber security; what protection they should be using for their devices. Warn users not to click on suspicious emails and only use official websites. Tell them to report any information security incidents (e.g. abnormal computer behavior, application errors, anti-virus notifications, etc.) to the Information Security Department.
Cloud solutions for remote access
Unfortunately, there is no universal solution for organizing secure remote access that would suit everyone – each company has its own specific features, infrastructure, requirements and so on. Attract highly qualified specialists with experience in implementing such projects that can take into account all the specifics of the organization.
When organizing remote work in the cloud infrastructure, Cloud4Y creates a virtual desktop server with all the necessary technical and organizational measures to ensure security, measures to protect communication and data transmission.
