single-blog-img

Understanding Remote Work Security

23 Mar , 2021

Small businesses remain consistently vulnerable to cyber attacks. When considering how to build your IT infrastructure, it’s essential to build cloud native security into your infrastructure. Keep reading to better understand key vulnerabilities in a remote environment, as well as essential methods to ensure security for your team – whether you’re working remotely or back at the office.

Protecting your IT infrastructure

There’s a witticism in the world of security (albeit not a common one) that goes something like this:

There are three ways to break into a building: from the roof, from beneath the floor, or through a wall. So, to stop someone from breaking in, businesses need to protect the roof, the floors, and the walls.

It’s tongue-in-cheek, of course, but it can be helpful to think of IT infrastructure in such simplified terms. If you can picture every avenue through which an attacker might break in, you can picture everything you’ll need to do to prevent them from being successful.

Corporate IT networks are a bit like buildings, too. They are a single structure with avenues to the outside:

  • The open web
  • Email
  • Vendor portals
  • And more

Tools like antivirus  and security monitoring software, employee education around phishing, and cloud native security can drastically improve your business’s ability to withstand cyber attacks.

When employees work from home, businesses are forced to monitor both physical and cloud spaces. The addition of cloud collaboration services, often a necessary tool for remote work, introduces far more doors for attackers to force themselves in through.

How remote work environments get hacked

When attackers work to breach a system, they approach the system at “attack surfaces.” When discussing the attack surface of a system, this refers to all the possible ways an attacker can breach a system. Continuing with the house metaphor, the attack surface includes vulnerable features like doors and windows, and locations where there may be flaws in the current security system.

If the attack surface of an IT network is like a building, a remote work setup has the size and complexity of a village. And, sure, it’s possible to put a gate around an entire community –but it takes a whole lot of effort to set up and police.

Let’s consider some of the security challenges that arise when employees aren’t all in the same physical building:

  • Phishing: Phishing scams often take the form of an email from a colleague. When everyone is working remotely, it can be more difficult to spot such a scam. You can’t walk over to your colleague’s desk and ask “hey, did you send me this link?”
  • Home networks: Although hacking directly into home networks is rare (it’s not usually economical for hackers), it’s not unheard of either. The more common attack vectors are the other devices connected to the same home network. A roommate’s laptop, or a simple IoT device, can transmit nasties over the network onto an otherwise secure work computer.
  • Public networks: As if home security wasn’t bad enough, plenty of folks prefer working in public: in a coffee shop or coworking space (pandemic aside), or the park when it’s nice outside. There are secure ways to use the internet from such spaces but, more often than not, people connect to local WiFi networks. This is so inadvisable that it deserves its own article.
  • Shoulder surfing: Arguably the easiest, most low-tech method of hacking is simply to look over someone’s shoulder while they’re typing in a password, or looking over a sensitive document. In public, pulling this off is very simple.
  • Remote software: Remote work requires all kinds of software–software for communicating with your team, collaborating on documents and presentations, and so on. Employees must choose wisely, though, as not all software is made equally secure.

Ultimately, all of these concerns are rooted from the one, inescapable fact of distanced working:

It’s more difficult for a company to keep remote employees secure than it is for malware on a remote employee’s laptop to reach the company.

Think of it like a steep hill: difficult to go one direction, effortless to go the other.

How to secure remote work environments

With all of this in mind, we can say that there are two approaches to security in a remote work setup.

The first approach is to focus on protecting employees from contracting malware. Obvious as this may be, it is no small task.

Let’s review a couple different ways a company can help its employees with their cybersecurity.

  1. Training: Many third-party companies offer training for employees in how to spot phishing attacks and other cyber threats that come up during work. The more knowledgeable an employee is, the better they’ll be at protecting themselves.
  2. VPNs: A virtual private network (VPN) is like a secure, underground tunnel connecting a remote worker with the company network they’re logging onto. Encrypting all traffic makes it much more difficult for an outside party to break in. The trouble with VPN’s, however, is that employee use of them can be variable – many employees often fail to take that extra step.
  3. Password resets and 2FA: A company can encourage good cyber hygiene of its employees by requiring passwords resets at regular intervals. Two-factor authentication (through SMS or email or, more ideally, via an authenticator app) means that even if a hacker does manage to steal an employee’s login credentials, they won’t be able to act on it without the secondary authentication mechanism.

The second approach to security in a remote environment is to admit that employees pose an inevitable security risk. In this view, rather than trying to protect every employee from every possible threat, you focus on protecting the company itself from employees. It sounds harsh, but it’s for the greater good. A breach of one employee’s laptop is bad, but a breach of an entire company’s IT infrastructure, and potentially everyone connected to it, is much worse.

Let’s consider a few ways a company  can keep its home field secure, even from its own employees.

  1. Privileged access management (PAM): Not every user on an IT network has equivalent privileges. A system administrator will be able to access parts of the network that an intern won’t even know are there. It’s crucial, therefore, that these two accounts be separated in such a way that a breach of one does not equate to a breach of the other. This is the specialty of PAM providers.
  2. Network segmentation: Some IT networks are built like valleys – open, even across, so that it’s easy to travel from one end to the other. Meanwhile, more secure networks are built like mountain ranges: uneven, with tall barriers blocking passage from one area to another. Having firewalls and privilege checks between less and more sensitive areas of a network makes it more difficult for malware to transmit from an employee laptop to more sensitive areas of the corporate network.
  3. Network monitoring: This involves keeping track of the activity occurring over a network, including the data traveling in and out, in order to catch hackers in the act. Network monitoring is a big job that’s almost always done using AI with human assistance. On its own it’s not sufficient to spot every possible attack, as hackers have all kinds of ways of masking their activity to bypass the AI. Nonetheless, it is a step in the right direction.

Certain solutions may fit some companies better than others. In the end, though, the principle remains the same for any company operating in a remote setup. Namely, that it is harder to protect a village than a building. It requires more resources, teamwork, and strategic thinking.

Since COVID will be around for a while longer, and remote work may well continue even after, these issues won’t be going away any time soon.

Get in touch with our team to discuss the security of your remote IT infrastructure.

Leave a Reply

Your email address will not be published. Required fields are marked *