Coronavirus Outbreak Compels More Companies to Endorse Remote Work Requests

[harlan4096]

Remote Work Security for Coronavirus-isolated Employees.

As health authorities worldwide struggle to contain the coronavirus outbreak, numerous company owners have decided to implement voluntary work-from-home regimes, effective immediately. Coined the “largest remote work experiment” by Fortune, for all intent and purpose, the aim is to reduce the risk of infection among employees and, at the same time, ensure business continuity.

Tech giants such as Google and Twitter have already fallen in line – Google’s Dublin headquarters is currently running on a ‘skeleton crew’ after corporate has ordered all 8,000 employees to work from home, as well as avoiding the Grand Canal Dock.

Twitter has taken a similar countermeasure on Tuesday, encouraging most of its global staff to take up remote work from home. A significant increase has been observed in online search queries for job postings that endorse remote work, especially in Hong Kong and Singapore.

Although millions of Chinese citizens have been confined to their homes in the wake of the outbreak, President Xi Jinping continues to put pressure on the companies to resume work in a bid to destabilize China’s declining economy.

In the interim, employees greenlighted to work from home, have been issued several recommendations in regards to the schedule, attending online meetings, and how to remotely access the company’s resources.

Heimdal™ Security has also joined the global initiative of coronavirus prevention. And, as more and more companies have endorsed the remote work regimen for the duration of the outbreak, the need to set up a secure remote work environment is imperative.

As your employees will most likely using their personal home devices (BYODs) in order to access sensitive company resources, steps must be taken to prevent cybersecurity incidents such as data compromise or leakage.

The same countermeasures should be applied even if the employees choose to work remotely on company-issued machines since resources will be accessed from potentially compromised networks.

Below you will find a list of actionable advice that will help you achieve cybersecurity resilience during the coronavirus-triggered ‘sabbatical’.

Some numbers you should be aware of…

95%…of SMBs are likely to allow work-from-home options in the wake of the coronavirus outbreak.

90%…of cybersecurity experts agree that remote workers are a threat to the company’s cybersecurity.

81%…of interviewed CIOs said that companies have registered unsecured Wi-Fi related incidents (as per iPass’ 2018 Mobile Security Report).

40%…increase in Zoom shares (video conferencing software provider) since the beginning of February.

30%…of companies around the globe are prepared to accommodate work-for-home requests.

3%…of the United States’ workforce is working from home (around 3.9 million people).

10…types of corona-related malware have been identified since the WHO announced the Wuhan outbreak.

Remote work security and business continuity advice

We at Heimdal™ Security believe that the foundation of any sound and ‘healthy’ remote home policy should rest on three major pillars: persistent app patching, intuitive admin rights demounting, and unified threat prevention & palliation. Up next, here is a list of actionable advice your company should consider if you plan on allowing your employees to work from home.

Early planning reduces the impact on productivity

To avoid any productivity ‘hiccups’, the employee should prepare his\her workstation. This entails various issues and challenges: is the employee allowed to take the workstations off-premises? If not, is the company able to provide mobile solutions (i.e. laptops, tablets, virtual workspaces)?

The employee should also be ‘encouraged’ to take steps in order to facilitate the transition. For instance, if the company cannot provide mobile workstations, the employee should have access to secure password management software, cloud-hosted workspaces, and, of course, the company-owned backups.

Beyond that, as an employer, you must point out that there’s no distinction between working office hours and remote work. The reason why I chose to bring this to your attention is that most employees see WFH (work from home) as a sort of vacation – a chance to get away from nagging managers and see to other chores that would otherwise be impossible to accomplish. I won’t dwell on this, for this is not the purpose of this article.

Setting up your WFH security policies to prevent cyber threat-related bottlenecking

Instilling a prolonged work from home rule, requires you to take additional steps to protect your company’s assets. In regards to the actual workspace, you should keep in mind that your employee may choose to work from a location other than his/her home. This alone can increase the risk of a data breach, since the employee may choose to connect from public and, hence, unsecured Wi-Fi network.

Despite not being able to order your staff to work from a specific location, you can, in fact, mitigate the associated risk by opting for a DNS filtering threat-prevention solution, instead of relying on your company’s firewall AMC (Advanced Management and Control) to filter traffic and continuously modifying inbound & outbound traffic rules and exceptions by hand.

DNS filtering, the latest cyberthreat mitigation technology, is slowly becoming an industry-standard – traffic is analyzed at infrastructure-level, all malicious connections being blocked before the hacker has a chance to download and execute the malicious script (s) on the targeted endpoint.

The solution addresses companies endorsing BYOD and WFH policies; regardless of geographical location, network connection, and device used to retrieve company assets, perimeter DNS filtering is the de facto answer to ensuring the protection of your sensitive data.

Another remote work challenge, especially in long bouts, is making certain that all the apps connecting to your company’s databases are up-to-date or having received the latest patches/bug fixes. One should not forget that the act of patching closes up to 80% of software-related flaws that could otherwise be exploited by malicious actors.

A solution such as Heimdal™ Security’s Thor Foresight Enterprise is able to take most of the heat off your sysadmins in charge of testing and deploying patches, updates, and fixes on individual endpoints.

Foresight’s X-Ploit Resilience module can update all the applications and software currently running on your machine. The list of supported apps is constantly updated. This means that the employee doesn’t have to come in to solicit a vital app or system update.

X-Ploit has pre-defined, all-purpose apps and drivers, but your sysadmin can create custom .msi packages and upload them in Heimdal’s Infinity Management module (available on-demand) for immediate deployment and installation. With such a solution, you can achieve true cyber-resilience, moving beyond cumbersome software patching and deployment approaches.

Recursive perimeter DNS and automated patching will streamline the entire software maintenance while removing any ‘hiccups’ that could potentially hamper the employees’ productivity during the voluntary remote work sabbatical.

This brings us to the third and final security advice: remote management of admin rights requests. If your employees will continue using their work machines while at home, you need to apply a full-spectrum solution to handle user rights and subsequent requests. Why company owners should push for more proficient admin rights management was covered by Miriam’s article about privilege de-escalation.

A one-stop solution will solve any obstacles along the way (i.e. employees gallivanting to the IT admin to request additional rights to install a new piece of software or update an existing one), not to mention the fact that scaling down everyone’s rights (apart from those of the sysadmin’s, of course) is one of the most efficient way of combating insider threat.

Furthermore, a full array admin rights management solution such as Heimdal™ Security’s Thor AdminPrivilege™ can curb the spread of the infection throughout the entire network by automatically de-escalating the user’s rights. This is done automatically, upon threat detection.
...

Continue Reading