The View from the Remote Workplace
Working from home increases the risk to system security and data privacy.
With this guide, remote workers and independent professionals can:
- Recognize and avoid basic security threats.
- Set up effective cybersecurity practices.
- Establish effective security habits.
The Remote Workplace Cybersecurity Environment
It’s spring 2020, a rather busy time from a cybersecurity point of view:
- Threat actors found and developed new ways to infect mobile devices.
- Suppliers of advanced ransomware added a second, more malicious level to the exploit’s basic extortion.
- In their haste to move workers to the cloud, organizations exposed misconfigured or unprotected assets to the internet.
As spring 2020 progressed, more and more people got sick from a new pathogen. Midway through March, many office workers were sent home to work indefinitely. Before we could catch our breath, we were doing familiar work in an unfamiliar workplace. And the total number of data breaches, IP thefts, and cyber-scams exploded.
A recent CrowdStrike study of its customers showed more cyberattacks in the first six months of 2020 than in all of 2019. (That’s 41,000 in January through June 2020 compared to about 35,000 for 2019.)
Why? Because remote workers were—and are—easy targets.
The security risk of remote workplaces is nothing new. But the pandemic accelerated this trend. Without layers of corporate security protection, modest at-home security operations are exposed to increasingly skilled and brazen cybercrooks.
Cybersecurity: The View from the Dining Room Table
We’ve designed this guide to provide an up-to-date picture of remote workspace security and what remote workers must do to reduce the business and technology risk of cybercrime. We’ve chosen the details that can help you make decisions about whether and how to invest time, tools, and effort in your remote office security tasks.
What’s happening to the cyberattack threat landscape?
In a 2020 Skybox report of 295 enterprise organizations, 73 percent of security and IT executives surveyed mentioned their concerns about threats created by their distributed remote workforce. That’s one reason why work at home in 2021 is the #1 focus of endpoint cyberattacks.
Remote work operations will continue to present unique and appealing opportunities for cyberattackers. (Think of ransomware and spear phishing.) So, securing remote workers will become a major focus for surveyed organizations.
What’s causing the changes in threat and risk profiles?
The juicy opportunities to attack remote workplaces come from several sources:
- A larger attack surface, which expanded as workers moved from office to home.
- Poorly secured personal devices and home routers.
- Dependence on cloud-based and new software technologies and services.
- Remote workers in a hurry.
- Transfer of sensitive information over unsecured or unsanctioned channels.
More recently, 36 percent of security managers said they experienced an increased volume of security vulnerabilities due to remote work.
In the future, expect…
- An uptick in insider threats
- A major increase in spear phishing attacks in 2021 due to automation.
- Continued migration of business processes to the public, private, or hybrid cloud.
How to Use this Guide
We wrote this guide to help corporate remote workers, consultants, and other independent professionals to:
- Recognize and avoid potential security risks.
- Use tools and practices that can maximize remote office security.
- Review the security practices, tools, and mindset that lower risk in remote offices.
These are the tasks that we’ll guide you through in the following sections.
Promoting User Awareness and Best Practices
Sometimes, it seems that if we had a dollar for every time we hear “Don’t share your passwords,” we’d all be millionaires. That’s because when it’s time to battle cyberattacks, hardware and software are the tools that we usually remember.
It’s easy to roll our eyes at the mention of “good security hygiene.” But there’s a reason why security awareness is especially important at remote workplaces. Cybercrooks depend on our more casual attitude about working from home. After all, the bad guys concentrate on corporate networks, where the pickings are numerous and juicy, right?
Lately, this trend has been changing. Your remote operations have a direct connection to your organization’s data resources. It takes only an instant of inattention to let unauthorized users get into your home-based system. After that, it’s off to the races and your organization’s data riches.
Watch for These Cybersecurity Threats
If we have a new cybersecurity “normal,” it would be a distributed hybrid workforce. In organizations with a DHW, one or more employees work in different physical locations. This could be the office, at home, or in public workspaces.
Unfortunately, this workplace structure expands the overall threat landscape. After all, the threat landscape expands wherever we work. So, protecting data and IT infrastructure becomes more complex and difficult to manage.
When you set up your remote work operations, don’t be surprised at the number and variety of items you must be aware of on a day-to-day basis.
If this all sounds like a bit too much to handle, no worries! Most of these “management” tasks require awareness and developing good habits. But awareness involves recognizing potential threats and vulnerabilities. Here’s the lineup of the most worrisome threats to remote workers.
For most companies, malicious intruders are not always the proverbial cyber attackers. Many remote security problems will have the same cause as in pre-pandemic days—other employees. If there is any good news here, it’s that these threats are easier to find and manage than those created by strangers.
IBM estimates that human error causes nearly a quarter of all data breaches. Employees often compromise company data accidentally through poor security practices and use of technology.
Employees sometimes take advantage of the higher security risk in remote work environments by acting maliciously, stealing company data for profit, retribution, or fun. Unfortunately, insiders-as-a-service attacks have already made their appearance on the dark web.
Realistically, working from “home” can mean working from anywhere other than the office. We don’t think twice about hopping onto open systems, but we should. To cyberattackers, “open” means open season on any unwary remote worker with an unprotected data pipeline to their system’s computer and their organization’s network.
These attacks usually go undetected because they occur at a layer of network infrastructure that security software solutions can’t detect. That’s why these attacks are so dangerous.
Connecting to a manipulated Wi-Fi source just once can provide bad actors with access to your organization’s network.
Spoofed peripherals (rogue devices)
Think of all the peripherals you use in a day’s work. Keyboards, wireless and connected mice, USB drives, chargers, and more. Cyberattackers are making peripherals their attack tools of choice. Their ultimate targets are almost always humans, unsuspecting users like you.
More remote workplaces mean more remote peripherals and a higher risk of attack. Compromised peripherals become rogue devices. That is, they perform their normal duties as well as harmful behavior directed by malicious intruders.
Your system is unlikely to notice rogue devices, which can cause damage to your operations. Your peripherals look and act as you expect them to. They provide the usual identifiers, which your computer will recognize as legitimate. Don’t expect security alarms or notifications when rogue device attacks occur.
Man-in-the-middle (MitM) attacks—and the damage they do—have been the topic of headlines for years. But hackers, especially those who target mobile devices, are becoming more versatile and using more sophisticated methods.
In these attacks, intruders search for and secretly enter the private communications of a message sender and receiver. Neither party of the communication knows that an intruder has entered the data flow and has perhaps changed the communication.
Malware—the name says it all. We’re talking about bad software, which can deliver harm in many ways. The outcome depends on its code.
Ransomware. This type of malicious program blocks access to your device until you pay a fee to its creator. This exploit is expensive and difficult to remove. In April 2020, Coveware reported a jump in average ransomware payments to more than $111,000, a 33-percent increase over the previous quarter.
Since the start of the pandemic, ransomware has been more than malicious. Now, it’s deadly. In a September 2020 incident, ransomware played a part in the death of a patient in Germany.
Data breaches. Do you want to steal customer, patient, or employee data? Or maybe some juicy intellectual property? Just inject malware into a computer or device at a specific layer of an organization’s network infrastructure. Then, cruise your way through their network.
Loss of network function. If data breaches aren’t to your taste, how about bringing a web site’s operations to a halt? In a distributed denial of service (DDoS) attack, malware will overload servers with junk data, until the servers can’t function.
These and other types of malware attacks are high-cost, high-impact events. They can affect customer loyalty as well as company revenue, costs, and reputation. As any victim of a malware attack will tell you, these long-term effects are expensive and damaging enough to warrant protective as well as defensive security measures.
Some versatile hardware devices can act as a mouse or a keyboard. If malicious actors penetrate a system that uses these devices, they can trigger commands remotely and cause a wide range of damage. Essentially, these devices can behave like a human and click links that cause the installation of malware, for example.
Best Practices that Counteract Security Threats
For years, companies have spent significant sums to secure their onsite IT infrastructure. Now that remote work is a long-term workplace trend, organizations should make comparable offsite investments, too.
Every organization and remote worker can significantly reduce the risk of cyberattacks by developing good security habits and embracing defensive best practices.
Here are proven best practices, which can form the foundation of solid cybersecurity protection.
Set up remote workplaces before you start work.
Often, remote workers forget this first-things-first recommendation. Yes, there is time and effort involved. But talk to anyone who has experienced a ransomware or phishing attack, and you’ll understand that the preparation is worth it.
Review your organization’s security policies and guidelines.
It does no harm to review your organization’s security dos and don’ts before you start remote work. Even if you’re familiar with the specifics, check them anyway. Something new might have been added.
Review your hardware and software tools.
Here are some items to check off your list. Your IT team or independent IT support specialist can check this security-related gear, along with its settings and support tasks.
Here’s a list of the items that appear on lists of remote worker must-have tools:
- Multi-factor authentication
- Virtual private networks
- Real-time security monitoring
- Data and system backups
- Cybersecurity software (antivirus, antimalware, etc.)
- Employee monitoring software
Here are some questions that will help you reduce the security risk of your remote office:
- Does your remote office include all the hardware, software, and connectivity equipment you need to run a secure remote office?
- Has anyone reviewed the security and configuration-related settings on your equipment? Does anything need an update?
- Has the latest security software been added (patched) on your computer and devices?
- Does your organization have a patching schedule that would include your equipment?
- Does your equipment use the latest certificates and patching procedures?
- Have you set up a data and file backup method, schedule, and location?
Ask about security in the cloud.
Even before the pandemic, many organizations and solo professionals moved their data and apps to hosted third-party services in the cloud. Always vigilant, cybercrooks have noticed the opportunity for high-volume mayhem.
Now, they are paying more attention to workers who use cloud-based platforms and services. If you run a solo operation, ask the cloud operator who pays for data breaches or other security exploits.
After you set up and plan your security system, it’s time to secure your tools.
Protecting Your Remote System, 2021 Style
In the past several years, there have been major changes in cybersecurity design. The emphasis has changed from addressing vulnerabilities (adding and monitoring network components such as firewalls) to reducing the odds of damage to your system.
Here is the latest how-to information, designed to help you keep your equipment safe and your data private.
Establishing and Following Data Security Policies
In offsite work environments, using company-issued technology to access data and networks is a safer, less risky way to keep remote data safe and private. In fact, following familiar security rules and practices is your best bet for building an effective remote security system.
It’s likely that more than a third of your colleagues never update their account data. Billions of login credentials have been compromised in the past several years, so this is an obvious vulnerability, one that can be protected relatively easily.
Protecting files and data. There are several ways to thwart ransomware specialists and keep other malicious parties out of your information and data. You can summarize the method as, “Don’t make it easy for the bad guys.”
- Gather, copy, and transfer files and data, often and consistently. The idea is to update your information and transfer it in a process that’s fast, frequent, and reliable.
- Keep copies of files and data out of reach. A convenient and cost-effective way is to back up data in the cloud. A USB device (thumb drive) works well for smaller operations. But avoid any internet connection between your data store and your system!
Updating account passwords. Computer and mobile device users are probably sick of hearing about passwords. But there’s a good reason why the subject is repeated over and over. Ensuring that all accounts are protected with strong passwords is more important than ever.
Prompting employees to regularly update account passwords can keep bad actors out of remote files and email. Many organizations use helpful software that uses simple, on-screen prompts to reduce the risk of intruders, IP theft, or data breaches.
Using advanced authentication methods. New technology contributes to the cybersecurity effort. Familiar security features such as two-factor authentication make it harder for bad actors to access networks and data stores.
Biometric measures—facial recognition, retina scans, and fingerprints—have been available for several years now but usage is still increasing slowly.
Absorbing all the security training in sight
Most people want to be a part of the data security solution. Learning to manage data carefully, identifying phishing scams and other exploits, and protecting your accounts often will ensure that you become a defensive asset.
Taking responsibility for a secure home system
This is the biggie, the most important item on your system security to-do list. You might have a remote office. But you still must keep your home office system and organization network free of cyberattack entry points. That means:
- Recognizing new security exploits and cyberattacks. Learn how to recognize and avoid phishing and ransomware attacks. They’ve become more sophisticated and harmful than ever.
- Avoiding attacks enabled by human nature. We all lose attention now and then, and we love convenience. That makes sharing passwords, using passwords in several accounts, and losing track of regular security checks all too easy. Password management software and periodic checks by IT services providers remove the time and aggravation of security maintenance. Use these essential services as part of a regular security routine.
From best practices to hardware: Here’s how to keep your system tools and appliances safe.
Keeping Hardware Systems Safe
Individuals and organizations typically think of software as the cause of spectacular data breaches and theft of sensitive employee or business data. This might be true in many cases. However, cyberattacks on hardware have put their destructive fingerprint on exploits, too.
In 2018, Intel chips infected with Spectre and Meltdown malware threatened computers, servers, smartphones, and Internet of Things (IoT) appliances such as routers, TVs, and other smart devices.
The biggest potential damage came from its source. The vulnerability existed at the hardware level of the IT infrastructure. IT teams from user companies could not deploy patches without severely reducing chip processing speed.
As an IoT device, your home router is possibly the most vulnerable path into your home and therefore your company’s network. Why? Many people don’t change the password on their home router when it is first installed. Avoiding router-based attacks is easy:
- Take the router out of the box.
- Plug in the router and initialize it.
- Immediately change the password.
- Add the new information to your password manager. (You do have one … right?)
- Set up encryption on your router (see below).
There’s one more thing you must do to secure your router. Set up the latest type of encryption. Until you do, all communications between your home office and work office are easy pickings for internet eavesdroppers. Here’s how to do it:
1. Make sure that your wireless network router supports the WPA2 security protocol. (WPA is an acceptable but weaker protocol.)
- Go to your router manufacturer site.
- Search for the latest firmware.
- Download the firmware according to instructions on the manufacturer’s web site.
2. Apply compatible WPA2 settings on each WiFi device.
For each device, choose the WPA2 encryption option and its related authentication information.
Providing laptops for all employees can be costly, so many organizations rely on staff members using their own devices when they work from home. This practice creates one of the biggest risks of remote work. Why? Employee computers and devices often lack:
- Strong antivirus software, customized firewalls, and automatic online backup tools and best practices built into business networks.
- The ability to monitor malicious activity on the network.
These deficiencies raise the risk of malware finding its way onto devices and removing personal data and work-related information.
Employee mobile devices
If you must use your personal smartphone for work purposes, consider using mobile device management (MDM) and mobile application management (MAM) software. These solutions can help you secure mobile devices and applications by using these security measures remotely:
- Data encryption
- Malware scans
- Wiping data on stolen devices.
Also, consider a mobile security solution, which can provide antivirus and endpoint detection and response capabilities for all your mobile devices.
Dedicated firewalls create a barrier between employee devices and the internet. They protect networks by closing communications ports on servers. This method helps to prevent the entry of malicious programs and stops data loss from employee devices.
However, hardware firewalls require advanced IT knowledge to install, configure and set up. Also, they usually require a dedicated IT employee or department to monitor and manage after the installation.
If your organization sent you home to work remotely, your IT staff will probably have contacted you. If not, ask them what must be done to set up your firewall properly.
Software that Keeps Cyber-Intruders Away
Software is becoming increasingly important because it is taking over many formerly hardware functions. Here are the major software packages that enable your home office to stay secure.
Wireless connections between your home office and your company’s network are a potential security weak spot. Malicious parties love to use and prowl around restaurants and other digital public places to spy on internet traffic and collect confidential information. (Confess, don’t you have a favorite coffee shop or public place that gets you out of the house?)
So, avoid working in places that don’t offer encrypted Wi-Fi.
But even at home, it’s vital that you protect your communications. You can operate a virtual private network (VPN). If that’s not available, follow these steps to avoid giving cyber-intruders access to your system.
Whenever you begin remote work—or want to upgrade system security—follow these steps:
- Open the Settings app on your computer, laptop, or tablet.
- Access the Wi-Fi Connections settings.
- Find your wireless network on the list of available networks.
- Tap the network name or Info button to pull up the network configuration properties.
- Check the configuration for the security type. Your system should be using WPA2 (or, less desirably, WPA).
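The same check can be scripted. This is an added example, not part of the original guide: it assumes a Linux machine with NetworkManager, parses a constructed sample of `nmcli -t -f ACTIVE,SSID,SECURITY device wifi` output, and rates each network by the weakest security mode it advertises. The function names and ratings are illustrative.

```python
# Constructed sample of `nmcli -t -f ACTIVE,SSID,SECURITY device wifi` output.
# Terse mode separates fields with ':' and backslash-escapes ':' inside values.
SAMPLE_SCAN = r"""
yes:HomeOffice:WPA2
no:Cafe\:Guest:
no:OldRouter:WEP
no:Neighbor:WPA1
no:Upstairs:WPA1 WPA2
"""

# Relative strength of the modes nmcli reports. WPA3 is newer than the WPA2
# the guide asks for and is rated "ok" here (an addition beyond the guide).
STRENGTH = {"WEP": 1, "WPA1": 2, "WPA2": 3, "WPA3": 4}


def split_terse(line):
    """Split one terse nmcli line on unescaped ':' and undo the escaping."""
    fields, cur, chars = [], [], iter(line)
    for ch in chars:
        if ch == "\\":
            cur.append(next(chars, ""))  # keep the escaped character literally
        elif ch == ":":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    fields.append("".join(cur))
    return fields


def rate_security(security):
    """Rate a SECURITY value by the weakest mode the network still accepts."""
    known = [STRENGTH[m] for m in security.split() if m in STRENGTH]
    if not known:
        return "open" if security.strip() in ("", "--") else "unknown"
    # A mixed "WPA1 WPA2" network still admits WPA1 clients, so it rates "wpa".
    return {1: "wep", 2: "wpa"}.get(min(known), "ok")


def audit_scan(text):
    """Return one {'ssid', 'active', 'rating'} dict per well-formed scan line."""
    results = []
    for line in text.strip().splitlines():
        parts = split_terse(line)
        if len(parts) != 3:
            continue  # skip lines that do not have exactly three fields
        active, ssid, security = parts
        results.append({"ssid": ssid, "active": active == "yes",
                        "rating": rate_security(security)})
    return results


def active_network_rating(text):
    """Return (ssid, rating) for the network currently in use, or None."""
    for net in audit_scan(text):
        if net["active"]:
            return net["ssid"], net["rating"]
    return None


if __name__ == "__main__":
    for net in audit_scan(SAMPLE_SCAN):
        marker = "*" if net["active"] else " "
        print(f"{marker} {net['ssid']:<12} {net['rating']}")
```

A rating of "ok" means WPA2 or better, "wpa" is the acceptable-but-weaker case the step above describes, and "wep" or "open" means the network should not carry work traffic without a VPN.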
Virtual private networks
VPNs are software programs made to keep online data private and keep it safe from breaches, IP theft, and malicious intrusion. VPNs are encryption-protected communications tunnels, which whisk your data and communications from your computer to a secure server on the Internet.
You can use VPNs whenever you work outside of your office: at home, cafes, hotels, or airports. VPNs encrypt all your internet traffic, making it unreadable to anyone who intercepts it.
NOTE: VPNs are specialized security tools. They can’t prevent data breaches or other cyber mischief in your organization’s network. They can prevent anyone from grabbing information in your communications.
Software firewalls are installed on and protect individual computers or mobile devices. If your remote workplace includes several computers or peripherals, firewall software must be installed on each protected device.
This needn’t be a problem, though. Software firewalls are already built into many OSs and peripherals. Just check with your IT team to see if they are already installed, protecting vulnerable system components. Then, make sure that they are enabled wherever they exist in your system.
Once touted as magic bullet protection, antivirus software (AVS) is now regarded as one part of a secure home system. To keep your home office secure, you must support AVS with well-configured installations and regular security software updates.
Advanced antivirus software can act as a second line of defense by detecting and blocking known malware. Even if malware does manage to find its way into your system, antivirus software is designed to identify and block it before damage can be done.
Make sure that your equipment uses up-to-date encryption tools on your devices whenever you communicate sensitive information with colleagues as well as organization partners, suppliers, and customers. It pays to have someone check that you have support for basic and more advanced security functions.
Basic security support. These tools check whether a security certificate was issued by a legitimate certificate authority or if it is a fake. Most systems use quite a few certificates, so it’s best to have an IT team member or hired specialist manage them.
More sophisticated detection and protection. It’s also a good idea to check if your computer and devices have protection against more advanced mayhem caused by cyberattackers.
Just ask your organization’s IT team to check out your soon-to-be-remote gear. (They will probably do this automatically as part of your moving to a home office.)
If you run an independent operation, consider hiring an IT services specialist to give your system a thorough security check before you proceed.
Whoever you choose, your IT security specialist will look for and neutralize potential software vulnerabilities, such as:
- Transport layer security cipher suites and versions.
- SSL/TLS versions of network connections.
- Enforcing certificate roles.
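An added example, not part of the original guide, of what such a check can look like for a client application written in Python: it audits an `ssl.SSLContext` for the three items above (minimum TLS version, weak cipher suites, certificate enforcement) and compares a lax configuration with a hardened one. The function names and the weak-token list are illustrative assumptions.

```python
import ssl

# Name tokens that mark cipher suites a client should no longer offer
# (illustrative list: null/export ciphers, RC4, DES/3DES, MD5, anonymous DH).
WEAK_TOKENS = {"NULL", "EXP", "RC4", "DES", "MD5", "ADH", "AECDH"}


def weak_cipher_names(names):
    """Return the cipher-suite names that contain a weak token."""
    weak = []
    for name in names:
        tokens = set(name.replace("_", "-").split("-"))
        if tokens & WEAK_TOKENS:
            weak.append(name)
    return weak


def audit_context(ctx):
    """Return (code, detail) findings for a client-side SSLContext."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(("tls-version",
                         f"minimum version is {ctx.minimum_version.name}"))
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append(("cert-verify", "server certificates are not verified"))
    if not ctx.check_hostname:
        findings.append(("hostname", "certificate hostname is not checked"))
    weak = weak_cipher_names(c["name"] for c in ctx.get_ciphers())
    if weak:
        findings.append(("weak-cipher", ", ".join(weak)))
    return findings


def lax_context():
    """The weak setting: any protocol version, no certificate checks."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def hardened_context():
    """The corrected setting: TLS 1.2+, verified certificates, AEAD ciphers."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and hostname checking
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx


if __name__ == "__main__":
    for label, ctx in (("lax", lax_context()), ("hardened", hardened_context())):
        findings = audit_context(ctx)
        print(label, "->", findings if findings else "no findings")
```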
Deploying environment monitoring software
A new development, employee monitoring software uses advanced, high-speed data analysis methods to provide critical insights into employee behavior within an organization’s network. If your organization is concerned about inside jobs or intruders, they might install this tool, which:
- Analyzes employee behavior patterns to identify threats before they occur.
- Restricts employee access to sensitive data.
- Blocks data theft.
- Provides digital forensic data to investigate and analyze data and files when an exploit occurs.
These checks are part of a larger process, which includes installing, configuring, and testing your security-related equipment.
Installing, Configuring, and Testing Security Resources
Usually, your organization’s IT staff will help you confirm that your system works—ideally before you go remote. Independent professionals should also engage a specialist to complete these important steps.
So, that’s it. You are now fully grounded in the basics of remote office security.
Summary and Conclusions
As you see, there are many details to keep track of, but you can master the role of remote office security manager. Here are some recommendations to help you get started and keep going: