Thursday, July 23, 2020

By Maril Vernon, Fuel User Group Member

The emergence of COVID-19 has led to an upheaval of daily norms for companies and employees. When forced to rapidly convert to a remote workforce, the pressure was on to seamlessly deploy multiple new endpoint devices, migrate to cloud-based infrastructure or quickly configure and support massive VPN traffic.

As a result, many remote workers conducting business operations from home do not benefit from the enterprise-level controls of their robust corporate networks until they are connected via VPN. However, the farther a network connection extends away from its central hub, the more susceptible it is to outside attacks.

With upwards of 80% of employees now working from home, bad actors seek to bypass powerful VPN protection by attacking remote workers directly. While many of us would like to think that attackers have a preferred strategy, the truth is that anyone, anywhere, anytime can launch a cyber-attack. It is the responsibility of the employee to take certain precautions to ensure informationally secure practices are implemented at home. The better the users understand why security policies and practices are critical, the better the probability they will adopt them.

Here are some additional precautions cybersecurity professionals can encourage their employees to take to protect their and the company's data while working from home:

1. Use a personal firewall. A personal firewall is a software that monitors and controls network traffic by permitting or denying traffic based on predetermined rules you can program. Firewalls have an “explicit deny” function built-in. If traffic from a bad website doesn’t fit any of the rules you have labeled as “okay” traffic, it gets dropped immediately.
2. Install anti-virus or anti-malware. Anti-virus is a software that can prevent, detect and remove malicious programs. If you happen to accidentally visit a website that attempts to install malware, it can be stopped immediately.
3. Update operating systems (OS). Regardless of the operating system version, having automatic updates on is a good practice. Updates can run overnight so they do not impact workflow, and they often include critical patches. A patch is a fix to a known vulnerability, similar to a car dealership saying, “We know of a flaw when we manufactured this vehicle and we have a service fix for it.” There is no need to be susceptible to that flaw if the company has published a fix.
4. Update applications. Check application stores or the source where you downloaded your application (such as a vendor's website). Make sure they are up-to-date with security patches as well. If the manufacturer offers it, turn on automatic updates.
5. Secure home wireless networks. Using a wireless network without security settings or a password may be convenient, but it is not the best way to protect sensitive data. Wireless networks are discoverable by multiple devices; without proper protection they are vulnerable to attacks. Part of this includes setting up a guest Wi-Fi network. Creating a segregated guest network can minimize the attack surface so even if your guest downloads a malicious program it will not affect other devices on your network.
6. Consider encrypted solutions when sharing sensitive data. Public cloud solutions are the easiest to use but in most cases are not safe enough if one needs to share sensitive data.
7. Password or PIN protect printers. Many printers are wireless or connected to your wireless network. This makes them servers because they can communicate with multiple machines and devices on your network, and remotely receive the signal to print something. Printing company information through your printer if it is unsecured leaves it open to interception by outside parties.