COVID-19 Cyber challenges for remote working

Following on from our blog on COVID-19 related phishing scams earlier in the week (click here to read it again) and how to raise awareness to them amongst employees, we had some great conversations with people on the related issue of providing the rapid deployment of safe computing for remote working in order to meet the demands of the business under the duress of the COVID-19 pandemic. We have therefore used some of the conversation content to provide you with the perspectives and thoughts below to hopefully help illustrate some of the challenges we are facing to provide appropriate off premise IT security.

Even before the start of the UK lockdown we have been hearing about the agility and responsiveness of IT teams and their ability to get their employers workforce capable of working remotely to allow social distancing and government guidelines to be followed.

Before COVID-19 around 25% of workers who had remote working capability chose to work remotely at least one or more days per week, at the end of March we saw that number rise to over 65% of remote capable workers now compulsorily working from home.

This is obviously a massive shift for many organisations and the strain on IT has been considerable, even getting hold of an IT helpdesk during the rollout of remote services has been a challenge in many businesses.

Do not compromise your security

Within all this mobilisation effort there is a key consideration; understand the threats to your organisation. Do not compromise your security in favour of speed of deployment.

Whilst many projects to deliver remote worker capability can be carried out quickly and relatively efficiently it is all too easy to economise on security planning to avoid delays to rollout. Business has been faced with a stark choice and some compromise will have been made to quickly mobilise and equip the workforce to follow UK Government advice; “work from home whilst practising social distancing”. Many of these shortcuts will be in contravention of best practice and even information governance regulations but there is little choice when people have been instructed to work remotely. Therefore we must also consider the implications of an information breach and the associated penalties; will there be leniency from the regulatory bodies considering the circumstances?

The perimeter focused security model

It is logical to say that simply increasing your number of remote workers immediately increases your risk from data breach and also increases the attack target surface for cyber criminals. Unfortunately, many forms of traditional security architecture simply don’t deliver adequate protection for a distributed workforce and this must be a priority consideration for any remote/mobile workforce project.
The move to a remote dispersed workforce means most businesses are now utilising a blend of cloud delivered applications and/or IaaS with a level of reliance remaining with on-premise infrastructure, this results in a considerable and often insurmountable challenge for a perimeter focused security model; how to maintain acceptable levels of security with users off the corporate LAN/WAN and accessing services and applications from multiple providers.

Perimeter focused security usually leaves two options for managing off network remote users;

• Provide a security solution for each service or application utilised.
• Direct all traffic back to HQ or branch office and apply security at that point.

Each of the above scenarios brings it’s own issues, deploying multiple security solutions can be costly, difficult to manage and is confusing for the end user when user input is required. Equally, the practice of directing all traffic back to a point of presence is highly inefficient, doesn’t scale well and suffers from performance issues, for example; why route Office 365 traffic via my office network when it should really just be sent directly from user to the Microsoft cloud? Then consider this model with hundreds and even thousands of users.

Compliance such as GDPR and data control policies are also a key consideration; how do we ensure remote users are practicing correct and safe management of sensitive data that is in-line with regulatory standards when even familiar applications and services present different data security issues outside the corporate network.

The advent of high volume remote working and cloud dependency requires a security solution that can address these new challenges, it seems logical therefore to have the capability to place your security layer beyond the perimeter and into the cloud where many of the problems now present themselves. Web access, cloud delivered applications, data protection and even mobile devices can all be secured, monitored and managed by utilising the next generation of information/cyber security solutions which when deployed together make up a Secure Access Service Edge (SASE) security model.

Is current home working practice the future?

It seems likely that our current practice of working from home will at some point in the very near future become the new normal working practice, the benefits of remote working (when done correctly) are huge to both employer and employee and it’s become very apparent that all businesses must have this capability if they are to survive the challenges of a virus pandemic outbreak.

Our computer networks are only as secure as their weakest link, this massive increase in remote working and mobile devices now dictates that all devices connected either inside or outside the company are secure to the best of our abilities, each new remote device is a target and potential gateway for cyber criminals to access data and other devices within your organisation.

We are already seeing new and more devious exploit methods and threats from cyber-crime that take advantage of COVID-19 and there is no doubt these will continue to grow over the coming weeks, months and long into the future.

In these unprecedented times we should encourage our remote workers to remain vigilant and be aware of their responsibilities when working from home or remotely but it is our responsibility to support them by always deploying adequate and comprehensive security measures from the outset when rolling out mobile working technology solutions.

We are doing everything we can to protect ourselves physically, we should also take the necessary steps to make sure we are protecting ourselves digitally.

Blog written by Howard Johnson, Cyber Practice Lead – https://www.linkedin.com/in/johnsonhoward/

Further Information

For further information about cyber security tips for home workers from ZDnet, click here.