Organizations and companies of all sizes have started adopting work-from-home practices to ensure business continuity and limit employee exposure to a potential viral infection.
The main cause of data breaches has traditionally been employee negligence, with studies showing 17 percent of data breaches in 2019 were caused by employees. With work-from-home procedures in place, organizations could face an increase in attacks that could lead to data breaches. It’s vital that both employees and organizations take proper precautions to limit this risk and monitor, react and contain any sign of intrusion within corporate networks and compromise of employee endpoints.
Top 5 security risks when the company is deciding to send most of its employees to work from home
When sending employees to work from home, some companies may face operational risks such as not being able to support a large number of simultaneous VPN connections to their infrastructure and services. This can cause discomfort for employees that need access to internal resources and may even place additional strain on IT teams, if they’re not prepared for this.
While this is not a security risk per se, it can disrupt work and place additional strain on an IT department that’s already overworked and overburdened trying to fix the issue on-the-go. There’s also the risk of not properly implementing access, authorization and authentication policies, which may result in employees accessing resources that they shouldn’t.
To minimize the risk of unsanctioned remote access to its infrastructure, IT and security teams should make it clear which VPN clients, services and applications are supported by the organization. Any attempt to access internal infrastructure with unsanctioned tools should be treated as a network security risk and blocked immediately.
Since some organizations have a strict IT policy for centrally managing and deploying software and security updates to endpoints, gradual rollout procedures should be devised for deploying those updates. Delivering them all at once to VPN-connected employees could create bandwidth congestion and affect inbound and outbound traffic.
Last, but not least, enabling disk encryption for all endpoints should be a priority, as it minimizes the risk of having sensitive data accessed or compromised due to device theft.
Best practices for companies (especially IT department and IT security ops) when deciding to enforce work-from-home policies
Organizations should consider deploying security solutions that feature strong web security protection on employee endpoints, as well as technologies capable of preventing the exploitation of network vulnerabilities. Phishing scams and fraudulent websites have soared in an attempt to capitalize on employee curiosity and negligence, which is why organizations need strong antiphishing and network attack defense technologies that can accurately detect and block such threats from preying on employees who work from home.
Before deciding to enforce work-from-home policies, IT and security teams need to assess their resources, project how much strain they need to support to enable remote employees to work in optimal conditions, and assess what risks must be factored in and addressed.
For example, bumping up the number of simultaneous VPN connections to accommodate all remote employees should be first on the security best practices list.
Setting up and supporting conferencing software that ensures a stable voice and video connection should be a priority, as most meetings will occur virtually and reliability is key.
Making sure that all employees have valid credentials that don’t expire within less than 30 days is also mandatory, as changing expired Active Directory credentials can be difficult when remote. A large number of employees may need to change their passwords before leaving the office, but it’s a hassle-free procedure that is best to address proactively rather than reactively.
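One way to find the accounts that need a password change before staff leave the office, as an added example that is not part of the original article. It assumes the ActiveDirectory PowerShell module (RSAT) is installed and uses the article's 30-day window; the output file name is a placeholder.

```powershell
# Added example: report enabled AD accounts whose password expires within $Days days.
# Assumes the ActiveDirectory module (RSAT) and read access to the directory.
Import-Module ActiveDirectory

$Days   = 30                     # window taken from the article's guidance
$now    = Get-Date
$cutoff = $now.AddDays($Days)
$never  = [Int64]::MaxValue      # value AD computes when the password never expires

# msDS-UserPasswordExpiryTimeComputed already accounts for fine-grained
# password policies, so maxPwdAge does not have to be resolved per user.
$users = Get-ADUser -Filter 'Enabled -eq $true' `
    -Properties 'msDS-UserPasswordExpiryTimeComputed', 'mail'

$report = foreach ($u in $users) {
    $raw = $u.'msDS-UserPasswordExpiryTimeComputed'
    if ($null -eq $raw -or $raw -eq $never) { continue }   # no expiry applies

    if ($raw -eq 0) {
        # 0 means pwdLastSet is unset: change is forced at the next logon,
        # which is hard to complete off the corporate network.
        $expires = $now
        $state   = 'MustChangeAtNextLogon'
    }
    else {
        $expires = [DateTime]::FromFileTime($raw)
        if ($expires -gt $cutoff) { continue }             # outside the window
        $state = if ($expires -lt $now) { 'Expired' } else { 'ExpiringSoon' }
    }

    [PSCustomObject]@{
        SamAccountName = $u.SamAccountName
        Mail           = $u.mail
        Expires        = $expires
        DaysLeft       = [math]::Floor(($expires - $now).TotalDays)
        State          = $state
    }
}

# Placeholder output path; hand the list to the help desk or a mail-merge job.
$report | Sort-Object Expires |
    Export-Csv -Path .\expiring-passwords.csv -NoTypeInformation
```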
Sending out rules and guidelines regarding accepted applications and collaborative platforms is also a must, as employees need to know what is sanctioned and what is not.
Combined with the deployment of network security, monitoring and logging tools, IT and security teams can be notified whenever untrusted connections or unauthorized applications are spotted, in order to quickly block them.
Is it safe to outsource IT security and some of the typical IT infrastructure management?
Outsourcing IT security gives small and mid-sized companies the right expertise, knowledge, tools and procedures. Internal IT and security teams may already be overburdened and overworked, which is why outsourcing IT to MSPs can be the better option in terms of both time-to-implement and effectiveness.
Of course, MDR (Managed Detection and Response) services could also help with threat hunting, especially under work-from-home scenarios where the infrastructure might be more vulnerable to outside attacks. These skilled cybersecurity teams could help devise security strategies and deploy the right threat-hunting tools to spot any sign of a data breach. The added benefit in these scenarios is that businesses get access to the best security experts, while keeping operational costs down. This means they can enjoy the same benefits as large organizations with internally-funded SOCs (Security Operation Centers) at a fraction of the cost.
Companies and organizations with the resources and manpower to deploy, manage, and secure their infrastructure can turn to an integrated EDR (Endpoint Detection and Response), Endpoint Risk Analytics (ERA), and EPP (Endpoint Protection Platform) that offers a single agent and single console architecture. This gives IT and security teams complete visibility across their entire infrastructure and endpoints, while minimizing attack surface and making it difficult for attackers to compromise the organization’s security.