Millions of people are working remotely around the world due to COVID-19 stay-at-home orders, revealing new security vulnerabilities.
The number of remote workers has dramatically risen since the start of the COVID-19 pandemic. To ensure employees are safe from the coronavirus, companies are having people
work from home; however, this has made companies more vulnerable to computer viruses and cybercriminals.
Are home networks ready for corporate devices?
The novel coronavirus has raised a number of questions when it comes to remote working. For some businesses, the question of whether or not they can even be run remotely is raised. Others wonder what working from home means for the security of sensitive corporate data.
Home working also raises the specter of
data privacy,
cyberattacks, scam and hacks facilitated by less-than-secure home networks. Typically devices operated inside the physical confines of an office environment are not configured for use outside of the corporate firewall. The current situation is putting these devices and home networks to the test.
“Services like network discovery, wireless printing and RPC/SMB haven’t been disabled, and are now exposing these devices to greater threats, considering the lack of security measures deployed on home networks,” said Kevin Donegan, VP of Strategy and Cyber at
Convergint Technologies, a major systems integrator based in the U.S.
Ensuring that employees have basic security knowledge is important. Simple things such as making sure the home Wi-Fi routers are secured and not opening phishing emails can go a long ways.
Changing protocols
It’s hard to remember the times when connected devices weren’t commonplace. Nowadays, with everything connected, we probably don’t pay as much attention to network security as we should. Unfortunately, this means we may be leaving our
network communications vulnerable to eavesdropping.
“We take it for granted that our devices can connect to file servers, databases and other corporate applications within our secure networks, so many times our transactions are unencrypted. In some organizations,
IT has opened up access to operators from home, but communication protocols have not been changed, nor steps taken to secure the channels,” Donegan said.
Making sure that home network connections are encrypted can help keep data and devices safe. There are several different Wi-Fi encryption standards to choose from, but its recommended that WPA2 or WPA3 be used. Also, remember to choose strong passwords.
Deploying new technologies for better security
As global economies struggle to cope with COVID-19, Donegan explained that attack surfaces are expanding exponentially while budgets are being cut and personnel furloughed.
“Most organizations did not have a plan to transition their workforce to a work-from-home model in their business continuity plan (BCP), so they are scrambling to make this up as they go,” he said.
To do this, businesses are going to need to deploy new technologies to secure and maintain devices, create procedures for remotely managing and updating the devices, and manage a process for mitigating threats on devices physically isolated from security tools.
“Very quickly, new technologies need to be selected and deployed, process and procedures must be created, and personnel need to be trained on the technologies and procedures,” Donegan advised.
Prepare for the future
No one knows how long the current pandemic will last or for how long stay-at-home orders and social distancing will remain in place. For now, remote working will be the norm, which means it is critical to address all the security risks associated with working from home.