6 minute read
Working Remotely
from Cyber Security 2022
by 3S Media
CYBERSECURITY IN A REMOTE WORKING WORLD
When the world became aware of the Covid-19 pandemic and the global lockdowns began, the shift to remote working happened virtually overnight. This obviously created a whole host of new security challenges that had to be overcome.
Advertisement
The difference between February of 2020 – when most business users sat behind a corporate firewall all the time, with very few remote users operating – and March, when the largest majority of users were suddenly working from home, was enormous.
According to Ralph Berndt, director: Sales and Marketing at Syrex, a provider of remote solutions, this opened a whole new angle of attack for cybercriminals. He notes that from the outset, slews of bot emails were sent out with the aim of compromising users whose home environments were far less secure than their corporate one.
“People were bombarded with spoof mails designed to compromise their security, many playing on the fears of the then unknown virus and the thirst for information about the global crisis,” he explains.
“The criminals knew most users were in a position where they were unlikely to be able to afford to run their own virtual private network (VPN), so they conducted massive email campaigns trying to compromise users in order to gain access to their corporate networks.”
Ultimately, says Berndt, it came down to how prepared organisations were for remote work. Moreover, while the mass move to remote work demonstrated the importance of tackling SA’s connectivity issues, it also showed how vital it was to be able to securely access critical systems that were still on-premises. This led to a knee-jerk reaction from many companies to obtain more VPN licences, in order to be able to authenticate large numbers of users.
A new dynamic “The rise of collaboration software also created a whole new dynamic in terms of how business was done, but while the ability to collaborate with and share information among employees was wonderful, the pandemic also forced the development of such tools at a rapid pace. Years were shaved off the adoption timetable, and although a straightforward Teams or Zoom call was less of a security challenge, anything involving the sharing of documents, screens or data was a target for the bad guys.”
“One thing we definitively noticed was a rise in website honeycombing, which is when duplicate websites that look similar to the real one are created to fool people into going to these compromised sites.”
Another security challenge he highlights was the rise in manipulated invoices and bank information. He explains that an increasing number of invoices were illegally manipulated to convince finance departments to release payments they were not supposed to. This, he adds,
KEY FINDINGS FROM THE CITRIX THE STATE OF SECURITY IN A HYBRID WORLD REPORT 2021
• Over half of global businesses have reimagined their businesses • Work from anywhere is here to stay • Technology response has been swift • Security and the employee experience can’t be separated • New protocols enhanced employee experience and increased productivity • Knowledge workers embrace the notion of security as shared responsibility
The top three challenges to hybrid/anywhere working, according to end users: 1. poor connectivity (43%); 2. having to solve technical problems virtually (34%); 3. the inability to get IT support quickly/ easily (32%). – Citrix’s The State of Security in a Hybrid World report 2021
occurred either through manipulation by an employee, or an external party that had compromised enough machines within the business to understand where and how to make such changes on an invoice.
“The key to reducing the cybercrime prevalent in the early months of lockdown was the implementation of multifactor authentication (MFA). The requirement for two or more methods of authentication reduced the reliance on easily compromised passwords.
“Other areas of security that were comprehensively boosted during this period included the hardening of endpoint protection, strengthening of firewalls, and improved security around applications that may otherwise have exposed users further. However, the real key lay in identifying the user from the beginning.”
This, he continues, was a game changer, as it made it easy to securely identify the user and ensure they are who they say they are, through the use of additional security measures like fingerprints or one-time PIN (OTP).
“With the implementation of MFA, a balance had to be found between strong security and enabling workers to perform optimally, without getting bogged down in endless security processes,” states Berndt.
A partner is the answer Asked what advice he would give organisations seeking to improve their security at present, he says that the simple answer is to work with a partner that is a security specialist.
“Remember that the speed with which the criminals are adapting to technology development, the increasingly ingenious methods they use, and the rapid pace at which security technologies themselves are evolving mean it is nearly impossible for organisations to remain secure without an experienced partner.
“It’s also human nature that as people become more familiar with a particular technology, they also become more complacent about the security surrounding it. On the other hand, this would be a security partner’s bread and butter, so their focus on the challenge should remain resolute.”
Pointing out that the required security tools are not necessarily expensive, he adds that by bringing in the right partner – a trusted advisor, as he calls it – means they will not only be able to roll these out effectively for your business, but also assist with comprehensive end-to-end security management. They should also provide economies of scale to the client, which will reduce the cost.
“Today, you simply cannot do it all yourself. If you try to do so in order to cut costs, you may achieve this in the short term, but the long-term damage inflicted by an attack will prove to be far worse. Moreover, if you are an SME, you don’t want to be distracted from your core business by issues around IT and security, when all you require is simplicity and ease of use.
“The other thing to consider is how rapidly and fundamentally the world has changed recently. The rise of collaboration software has created a whole new work paradigm, boosted productivity and significantly reduced costs. The rapid changes to both technology and work method have opened up new attack paradigms and vectors, so working with a security expert is more critical than ever.” Lessons to be learned One of the key lessons learned by organisations during this time, he says, relates to how businesses can better manage their internal systems and information, while ensuring which remote workers are granted access to particular parts of the business.
Another lesson has been around how to simplify endpoint access – vital when so many staff members work from home – while at the same time hardening these points from a security point of view.
“Looking at the longer-term impacts, I think businesses will find they are ultimately better prepared for the more technically and digitally enhanced world that has arrived. At the same time, they have learned that remote working does not make employees less likely to complete their work – in fact, it has led to an increase in outcomes-focused results.
“With all the tools we now have to enable this, I highly doubt we will again see a situation where every employee works from the office. From a technology point of view, workforce management tools will become increasingly important.
From a security perspective, he continues, organisations have mostly adapted their systems to suit the new normal. Although the plethora of tools that now exist to facilitate remote working open new attack vectors, companies are also adapting.
“I believe the next key security discussion to be had will be around the issue of zero trust, which is the next logical security step after MFA. After all, it remains imperative that companies continue to evolve their security posture because, as the pandemic has proven, cybercriminals are constantly adapting their attack methods,” concludes Berndt.
The top three information security protocols companies have prioritised to better secure remote and hybrid workforces are multifactor authentication, additional employee education, and cloud/SAAS use visibility/control/security (all 28%). – The State of Security in a Hybrid World
