Tuesday, Apr 12, 2022
BY: Team Nuspire
According to Ladders’ data scientists, 25% of all professional jobs in North America will be remote by the end of 2022. The trend, accelerated by COVID, is a welcome one for people looking to incorporate more flexibility into their lives; however remote work brings increased security challenges for companies working to accommodate this new paradigm. Here are our top three tips to help organizations build a security model that addresses work from home.
Tip 1: Focus on Visibility
Visibility is one of the most important components of a security program. IT teams do their best, despite all the unknowns of home environments. In early 2020, many companies did not have solid remote work policies or guidelines. As a result, many workers chose to use personal devices that were not configured to meet company standards, which introduced a whole host of risks.
Every home likely has unique equipment and diverse configurations. Setting up remote access and troubleshooting user problems take time. Trouble tickets involve chats, calls or online meetings – potential ways that IP addresses, passwords and other intelligence can be leaked through data-collecting IoT devices. Rolling out tools for tens or hundreds or thousands of new endpoints is not a simple undertaking – home environments present a scale issue that no one saw coming for a situation that has no playbook.
IT teams need visibility to see what’s on the wire and what’s on each device – no matter the device origin or whether it is personal or company-issued. If a device is on the internet, it poses a risk.
Conduct a thorough remote breach assessment for each home environment to obtain a point-in-time picture. The findings in the assessment report show the complete stack and a risk profile to help you make better decisions as you manage a remote work environment. Along with a breach assessment, additional best practices include:
- Engaging a managed security services provider (MSSP) to provide ongoing visibility through monitoring and reporting tools that can be activated swiftly with no disruption
- Prioritizing the vulnerabilities listed in the breach assessment and creating a plan to fix them
- Establishing a threat hunting strategy to expand visibility and strengthen your defenses by being proactive
Tip 2: Secure Rampant IoT Devices
The challenge with remote work is that organizations do not have control of home office networks including the DSL, cable, Wi-Fi or routers employees use. IT teams don’t know if devices are patched and updates are installed. Or if a virtual private network (VPN) on a company laptop is turned off, switching the device to Wi-Fi. Or if a VPN is spoofed, creating a tunnel for bad guys to access the modem. This wild west situation presents many potential vulnerabilities.
Right now, external threat actors are more active than ever. In 2021, IoT cyberattacks doubled, reflecting the reality that unprepared home network devices are an easy target for cybercriminals. Often attackers scan for IoT devices with open SSH or Telnet ports to brute-force access into them. After they gain shell access, the attackers download a payload that adds the device to a botnet. From one foothold, a botnet can spread rapidly throughout a network.
In addition, internal threats are on the rise because many organizations haven’t educated their employees about how to be safe online and how to keep the organization protected while working from home. For example, password hygiene is critical. Passwords may be too simple. Or the same password is used for multiple accounts or worse, shared by multiple workers. And, phishing has continued to increase, with 2021 showing a 46% increase in organizations hit with a successful phishing attack over 2020.
Not all risk can be removed, of course. But it is possible to define your organization’s acceptable level of risk, allowing you to make cybersecurity decisions that balance the need for remote work with the security needs of your entire network environment.
Patch devices to update signatures and operating systems and be sure to provide remote workers with security awareness training that covers topics such as social engineering attack types, password rules, breach etiquette, reference documentation, applicable regulations and roles/responsibilities. Additionally, implement 24×7 managed detection and response, along with remediation runbooks, to give your IT team the tools they need to defend against threats.
The right tools provide:
- Visibility all the way through to each endpoint, making sure each one is the actual endpoint and not an unknown source disguised as a known endpoint
- Continuous monitoring of networks, devices and applications (another overlooked target), allowing security events to be ingested and analyzed to speed response
- Consistent device scanning to make sure data isn’t exposed
Tip 3: Close IoT Cybersecurity Gaps Without Hiring Additional IT Staff
Just when cybersecurity is more important than ever as remote work grows in popularity, we’re experiencing a global cybersecurity talent shortage. In fact, some estimates put it at 2.7 million unfilled positions globally – all while we’re seeing a 68% increase in data breaches over 2020.
Organizations need to manage costs, but at the same time, cybersecurity specialists need help. Most companies have few unplanned IoT devices in office settings, but IoT considerations in home environments are uncharted territory. Your chief information security officer (CISO) or IT director should be prepared to educate decision-makers by answering these questions:
- Why is it important to understand that the IoT is comprised of more than devices?
- How is IoT operating in our business environment?
- What does the attack surface look like now that employees are working from home?
Implement managed security services to close gaps in tools and skills – the most efficient way to gain IoT security expertise without hiring more people or purchasing new technology. Your in-house IT experts can focus on what they do best while the MSSP backs them up by:
- Monitoring all endpoints 24×7 using the latest scanning and detection tools
- Customizing runbooks to increase efficiency and effectiveness
- Offering flexible OpEx billing arrangements
Protecting a remote work environment while also managing the many other attack surfaces within your company’s network can be time-consuming and costly. At Nuspire, our mission is to make clients fanatically happy through a relentless pursuit of excellence. Let’s talk about how we can work together to provide a new, fresh and inspiring approach to enabling a more secure remote workforce.