Diving Into The IT Security Risks Of Working Remotely During Quarantine

Ascendant Network Security

The COVID-19 pandemic has forced companies to rapidly implement remote access solutions for their staff to continue operations. Work tasks are now conducted from employees’ homes via personal computers. This has increased IT security risks for businesses, both large and small.

In October 2019, CNBC reported that 43% of cyberattacks targeted small businesses. The monetary cost of these attacks averaged $200,000. That cost doesn’t include other adverse effects.

A Cybercrime Magazine article, published in January 2019, addressed cyberattacks on businesses. They reported that 60% of small businesses closed their doors within six months of an attack.

If your pulse is increasing, it’s time to learn how to bolster your computer security systems. Continue reading to learn about the top warning signs and actions you can take.

IT Security Risks

Computer security risks arise from many factors. Anytime a remote device connects to your business’ network, you’re at risk. Malware and spam campaigns have dramatically increased since the COVID-19 pandemic began.

Cybercriminals are preying on the fears and unstable circumstances worldwide. Let’s explore specific roads used by hackers to access your systems.

Unmanaged Connections

There are two similar avenues to access a business’ network from a remote location. They can use Microsoft Remote Desktop Protocols (RDPs) and virtual private networks (VPNs). Each one allows a different level of access to the network.

RDP Access

RDP is a proprietary protocol that gives users a remote link to a computer system. The user is able to take over the computer remotely. Users can access all licensed software installed on that machine.  It’s as if they are physically working in front of the device.  This approach is one of the most straightforward solutions and yet the least secure. In fact, use of RDP represents one of the most common security risks.

Most experienced companies don’t allow direct access to their network. They use firewalls and other restrictions to enhance security.  Yet, even these organizations can fall victim to shadow IT operations. These subversive groups strive to find a foothold on unmanaged cloud platforms or via third-party services.

VPNs

A VPN connects to a network via an encrypted connection through the internet. This encryption increases the security of sensitive information. As a result, VPNs are more effective at preventing unauthorized eavesdropping on your network traffic.

Individuals connect to the VPN via a local area network (LAN). LANs join devices such as printers and computers in one physical location. LANs can range in size from a small home network to thousands of users. The LAN gives users the ability to print, download, or access files on a virtual desktop.

In the past, VPN traffic has traveled through full or split tunnel solutions. Today, there are more remote employees requiring access. Thus, many companies are moving toward full tunnel solutions to decrease bandwidth.

VPNs let users access network shares, applications, and internal resources via virtual environments. This remote access solution provides a safer, more secure method than allowing employees to simply “take over” onsite machines via RDP.

Unencrypted Devices

Most people have heard of encryption, but many do not understand what it is or its importance. Have you heard of IoT attacks?  IoT stands for “internet-of-things”. This translates to all devices that connect to the internet. That includes laptops, desktops, and all other types of mobile devices.

In fact, 98% of internet traffic travels via IoT devices. Researchers estimate about 57% of IoT devices have a medium to high-severity risk of an attack. They also found that attackers often gain access via password-related security holes.  Unencrypted devices increase the risk of personal and confidential business data breaches. One unpatched laptop can allow access to other IoT devices and their data. With corporations relying on remote workers, IoT attacks pose increased threats to networks. Likewise, IoT vulnerable devices can infect personal devices.

The important take away is for all systems and interfaces to have reliable encryption protocols. Encrypt all emails so an unintended person can’t eavesdrop. Also, encrypt stored data (“at rest”) in case the device is stolen.

Using PCs with No Antivirus Software Installed

All businesses should make sure remote users install antivirus software. This helps protect devices from viruses, spyware, malware, rootkits, Trojans, phishing, and ransomware. This security utility detects and removes viruses from the computer system. This provides a preventative approach to cybersecurity.

Using Unpatched Software

All computer software programs need updates from time to time. The common term for these updates is a “patch”. These patches also strengthen the software’s security against viruses and other breaches.

When employees run software without the most current patches, their system and your business network are at risk. Threats can occur due to vulnerabilities in the operating system’s programming.  “Zero-day” vulnerabilities describe a security flaw discovered by the software vendor. When software companies find these problems, they issue a patch. Yet, criminals can invade before the patch is in place.

The SANS Institute, a leading security organization, published “The Top Cyber Security Risks” report. They defined the primary initial vector for infection as any computer with internet access. Using unpatched software represented a “priority one” risk.

Criminals often target emails via phishing and other internet connections on the worker’s side. They exploit weaknesses in programs such as Adobe PDF Reader, QuickTime, Adobe Flash, and Microsoft Office.

Users often open or download documents, music, or videos from trusted sites without a second thought. Some attacks don’t even need the user to open a document. Just going to an infected website can compromise the worker’s software. The infected computer can then spread the infection to other internal computers or servers. The attacker’s goal is to steal data and install “back doors,” so they can steal more information later.

So now we must worry about COVID-19 infections and computer system infections.


Ransomware

Ransomware attacks the company’s weakest link: the user workstation. This type of virus infects a personal computer or an entire business network.  It causes systems to shut down and “locks” access to critical business data. The criminal then demands a monetary ransom fee to unlock the system and restore the affected data.

One example of an extremely destructive ransomware virus is “Wannacry”.  It has attacked hundreds of thousands of computer systems. Ransomware can attack both large and small businesses indiscriminately.

Wi-Fi Security

When employees work onsite, the IT department controls the Wi-Fi network security. With remote workers, companies’ risks are higher due to home systems’ weaker protocols. Users often use insecure, outdated security protocols like WEP instead of WPA-2, giving hackers easy access to the home networks and remote systems.

Insecure Passwords

Hackers love cracking passwords. Remote workers that use simple, insecure passwords across several platforms create significant risks.

In a short time, hackers can gain access to multiple accounts throughout your system.

 

Remote Working Strategies for Protecting Your Information

Every company today must develop IT security protocols. This protects both internal networks and remote workers’ devices. In April 2020, four cybersecurity groups discussed the dangers of remote work. This meeting included Global Cyber Center of NY, Cyber Ladies, the Israeli Economic Mission to North America, and Perimeter 81.

They summarized recommendations for developing more robust organizational network security plans. An essential part of every security protocol is a strong plan for backing up all data. Further actions discussed are as follows. 

Move to a “Cloud-Agnostic” Platform

This group recommends moving from the VPN-based platform to a cloud-agnostic platform. In the strictest sense, this refers to tools, services, and applications that can move to and from onsite infrastructures. It can also interface with all public cloud platforms without specific operating systems or other dependency requirements.

Cloud-agnostic platforms are used on two or more cloud platforms. Examples of multi-cloud shared environments include AWS, Azure, and Google.  Another approach is a hybrid-cloud environment, such as Azure Stack. This shares one operating system between an onsite private cloud and the provider’s public cloud.

True cloud-agnostic tools, services, or applications provide reliable and standard performance regardless of the platform used. Companies receive the most cost-efficient service without sacrificing performance.

Companies must have consistent levels of connectivity and automation, no matter where the data resides. You need interoperability between virtual machines, bare-metal servers, and containers. This also applies to IoT edge devices and private or public cloud-based services.

Lastly, you need a scalable network security solution. The network system can add nodes as your system needs to increase. This prevents your company from having to buy larger systems in the future.

Employee Training

Employee education is key to ensuring secure remote work practices. Teach them to identify possible signs their device may have a virus.

  • The computer is running very slowly
  • Files become damaged or deleted
  • The hard disk reformats
  • The device frequently crashes
  • The user can’t find data
  • The user is unable to complete tasks on the computer or the internet
  • New programs appear the user didn’t install
  • Unusual pop-up ads start appearing on the screen
  • The user loses control of the mouse or keyboard

Employees should know about cybersecurity risks. They must watch for suspicious emails, malware, etc. Training should include the steps to take if they suspect a cyber-attack.

The Zero Trust Model

A new strategy is now being deployed to increase remote access security. The “Zero Trust Model” uses an identity provider to gain access to applications. It also makes a decision about the authorization rights to access the application.

This authorization uses determinants from both the user and the device. For example, a certificate is stored in the Trusted Platform Module (TPM), which manages identity checks. It evaluates the origination of the login and what the user’s role is.

Only Work on Work Computers

Establish a policy that all work must take place on a designated “work computer”. This ensures that safety measures are in place each time the employee accesses company networks.  Remote workers can forget to charge their work laptop. They may be on their personal device when they receive a work call. It’s simple to address the issue using a personal device.  This can result in security exposure via unpatched, unencrypted devices without antivirus protection and cloud back up. Workers often forget about all the security measures put in place by the IT department. It’s invisible to them.

Block Lines of Sight

Remote employees need to keep information on their screen blocked from wandering eyes. This is less of an issue with the lockdowns due to COVID-19. Most employees are now working at home.  This concern is more significant if the employee works in public places like coffee shops. Yet, depending on the security level of your work, specific policies may need to be enforced.

Lock It Up

Keep all work-related devices locked when not in use to protect confidential information. Some government contracts, for example, stipulate that equipment always remains behind locked doors. Also, never leave your work device unattended in a car. Thieves love this.

No Random Thumb Drives

A favorite hacker tactic is to drop several large capacity thumb drives in a place they wish to attack. When a user picks it up and opens the files, JACKPOT, the hackers is granted access.  Likewise, don’t use a thumb drive that’s been plugged into an unsecured system.  If you must charge a device via a USB port at an unprotected public place, use a USB data blocker. This prevents data transmission and protects against malware.

Benefits of IT Consultants

This is a LOT of information. As a business owner, you may not have the time, expertise, or resources to meet all these standards. This is when an IT Consultant can benefit your company.

IT consulting services provide tiered packages to meet your company’s needs. Using an IT service prevents the need to hire IT employees with a wide range of expertise.

These IT companies have experts ready to work on problems at any level. This includes knowledge of compliance standards, firewalls, networks, servers, security, and backup/recovery.

Does Your Company Need to Up Its Cybersecurity Game?

Do you have concerns about IT security risks in general or due to increased remote workers with the COVID pandemic? If so, Ascendant Technologies, Inc. is ready to solve your security issues. We’re a Managed Service Provider who offers B2B services that function as an outsourced IT department.

Ascendant can provide IT solutions for businesses of all sizes. You have access to a tiered remote support desk for your employees. Our experts can manage your servers, workstations, and network infrastructure.

Our typical projects include mail migration to Office 365, new server/workstations, new firewalls, and system virtualization to Azure. Contact us today and request a quote for IT services to protect your business.

 

%d bloggers like this: