The COVID-19 pandemic has made telecommuting essential: dozens of employers are transferring employees to home offices. This convenient format reduces the probability of virus infection but, at the same time, entails many cybersecurity risks. The rising trend has been also caught by criminals—public sources claim that the number of targeted attacks on organizations in recent days has increased dramatically.
For many years, the concept of corporate information security revolved around working in the office, within a controlled infrastructure perimeter. Job specifics enabled some employees to switch between corporate, public, and home networks, but their share was relatively small. There were fewer telecommuters, and it was easier for IT and Cybersecurity departments to control them. At present, remote connections have become ubiquitous, and it has become much more important to organize remote access properly.
New conditions demand the reinvention of the approach to corporate information protection. It is not possible to apply a full set of corporate security features to employees' home networks, but there are many solutions that protect teleworkers. Remote access devices can be conventionally divided into 2 groups: personal and corporate devices.
Each group has its own specifics. Personal devices are the property of users; they often contain personal or private information, and the scope of possible security measures is limited. Protecting such devices requires a special approach, but is still a realistic objective.
Personal device security
The first and foremost step is (if it has not already been done) to implement a second user authentication factor (two-factor authentication, 2FA). The most convenient option is a mobile application that generates a one-time password (OTP) for the user in addition to the main password. This will significantly complicate any attempts to hack into a corporate environment that would otherwise be vulnerable to password bruteforcing.
The second security tool that we recommend is capsules (security containers). Before the pandemic, the vast majority of users already had access to email and other important corporate resources from their mobile devices. But now, the issue of protecting these services and the information they hold has become crucial. Strict data protection measures for personal devices might turn redundant and perceived by users as an invasion of privacy. To solve this task, you need security tools that would protect information on mobile devices without the abovementioned factors. The solution allows you to isolate corporate applications in a special encrypted container in the memory of your smartphone. You can configure user permissions for this area (prohibit screenshots, copying, transferring files, etc.), and secure information without affecting the existing business processes. If necessary, it can also be used on corporate devices.
Corporate device security
The toolset for corporate-owned devices is slightly wider. Unlike personal devices, they are always protected by antiviruses or other security tools. All that remains is to monitor compliance with security requirements and policies. For this purpose, you can use the compliance functionality offered by many firewall agents. How does it work? When a user attempts to connect via VPN, the agent screens their workstation: is the latest OS version used, are the antivirus signatures up-to-date, are there any running blacklisted applications or applications prohibited by the corporate policies. Thus, although the functionality does not offer direct workstation protection, it checks that all security measures are applied and the workstation can access corporate resources.
For corporate laptops and smartphones, there are many more options to control their status, user permissions, and overall device security. It is a sound idea to control and protect them with MDM/EMM solutions. This will allow IT and Cybersecurity departments to monitor permitted user actions and applications on such devices, to block and wipe (reset to factory settings) lost or stolen devices to prevent intruders from accessing sensitive information, and to reveal rooted/jailbroken devices and apply appropriate actions to them.
Users' devices have limited protection in home and public networks, so antivirus security becomes particularly important. Corporate devices almost always have antivirus agents installed, but mechanisms of their protection may appear insufficient in new conditions. A logical measure would be installing additional security tools on corporate devices and complement antivirus software with protection from ransomware or exploits. They supplement conventional tools with advanced protection against unknown threats and, as a result, enhance the protection of corporate resources from attacks via user devices.
General recommendations
Fine-tuning the firewall rules and user access rights for corporate resources is crucial in current conditions. Leverage the ability to create time-dependent firewall policies and limit the time frame in which external access is allowed (it is usually hard to believe that a user wants to work remotely at 3 a.m.). Also, the rise of telecommuting is a great reason to start rebuilding and applying ZeroTrust policy, which will reduce the number of possible attack vectors, and thus will improve the overall network security.
To make your remote access security system reliable and efficient, address a reliable service provider with extensive experience in cybersecurity. Experts from specialized companies will select and implement the optimal solutions in accordance with the best practices and provide technical support to reduce the workloads of IT and cybersecurity departments, which has increased dramatically due to the massive adoption of teleworking.
Interested in solutions and services that ensure full involvement of all quarantined and self-isolated employees, as well as other teleworkers, in your business processes? Have a look at https://softline.ru/remote-work.
