IT teams have without doubt played a heroic role in enabling business as usual for many organisations, rapidly deploying remote working for thousands of users and keeping the lights on.
However, in some instances, this has exposed organisations to cyber threats as controls used to access systems and data that are normally secured behind the corporate firewall, have been relaxed to facilitate remote working.
With no end in sight to the current coronavirus crisis, if you haven’t already, it’s time to retrofit cyber security controls to protect your remote workers and organisation.
Cyber security: Are employees the weakest link?
It seems there is a modern perception across many industries that employees are the weakest links in IT security. And, technology news website ‘The Next Web’ writes that “given the ever-increasing frequency of data breaches – with human error often being a cause or catalyst – you’d be forgiven for thinking that employees are naturally at fault.”
With the pandemic and lockdown forcing organisations to work remotely, and the media reporting increased cyber crime in light of the crisis, it’s vital that organisations brush up on security and fix any chinks in their security chain.
First though, they must first identify what the real weaknesses are.
Blaming employees for breaches in security is easier than blaming technology. Human error is normally down to the actions of a single person, whereas software failure is more complicated to explain; is it the fault of the software creators, the department managing it or the boardroom members who agreed to implement it?
More often than not, the real culprits of security breaches are neither employees nor technology alone. In the current crisis, mitigating circumstances such as having to rapidly migrate to cloud technologies and remote working may be to blame. Employees who are used to working securely within your perimeter fencing haven’t had to consider the implications of accessing the network remotely, using their own broadband or home computers and devices. Similarly, overstretched IT teams may not have had time to review security policies and strategies in light of remote working.
Therefore, if organisations want their employees to take cyber security seriously, they must invest both time and money in building a security strategy, implementing appropriate policies and controls, and ensuring the right cyber security tools are in place to protect employees and the organisation.
Cyber security tools to retrofit for a remote workforce
If you’re in a position where you need to retrofit cyber security tools for a remote workforce, we recommend exploring these 5 key areas.
1.Training and cyber security awareness
Education is first line of defence. It’s likely that many of your end users haven’t given much thought to the implications of remote working on cyber security. Why would they, unless you raise awareness and provide regular training in spotting threats and ensuring they’re access the network securely.
If employees are using their own devices there are additional factors to consider. One of them, which to our knowledge hasn’t received much attention, is an employees’ family members.
Many households have been forced to share devices for work and home schooling, and therefore there is the potential for someone outside of your organisation accidentally accessing the corporate network.
Basic security procedures such as logging out of corporate apps before sharing a device with another person, and not saving passwords on the device, is all that employees need to do protect their organisation. But if you don’t communicate these procedures to employees and raise awareness of issues like this, many employees could leave your organisation exposed to accidental breaches and human error.
- Advanced email protection
You may be surprised how many potentially malicious emails can breach your email protection products. Many standard products don’t protect against the new advanced threats we are seeing like phishing and spear-phishing attacks. Often they cannot disarm links or sanitise code inside PDF’s either, or remove active content and other malicious components. And only a few standard products have specific protection against business email compromise (BEC) attacks.
What should you be looking for in an email protection product? We recommend using an advanced email security product that includes the following features:
- Multiple AV scanning
- Advanced spam protection
- Unique URL and document sandboxing
- Heuristic scanning and reputation checks to protect users from advanced threats such as phishing, whaling and infected attachments.
- Mobile device security
With many remote workers using their own devices to access corporate systems and data, mobile device management tools are essential. If you’ve migrated to Microsoft 365, Enterprise Mobility and Security can help you secure and manage mobile devices like iPhones, iPads, Androids, and Windows Phones used by licensed Microsoft 365 users in your organisation. You can create mobile device management policies with settings that can help control access to your organisation’s Microsoft 365 email and documents for supported mobile devices and apps. If a device is lost or stolen, you can remotely wipe the device to remove sensitive organizational information.
Microsoft Intune can also help you manage a diverse mobile ecosystem in the cloud, providing integrated data protection and compliance capabilities that let you be precise about what data different users can access as well as what they can do with the data within Office and other mobile apps.
If you would like to discuss deploying Enterprise Mobility and Security and / or Microsoft Intune, please get in touch with our team.
- Multi-factor authentication
An additional layer of security that will help secure your organisation against breaches due to lost or stolen credentials, for example as a result of a social engineering attack, is multi-factor authentication. This also helps protect access to corporate systems if a user has a device lost or stolen, or if, in the case of remote workers and BYOD, multiple people have access to a device.
Azure users can enable Multi-Factor Authentication (MFA) with conditional access, and integrate MFA with on-premises systems. Get in touch if you would like to find out more.
- Network visibility tools
Knowing who and what is accessing your network is crucial. You can’t protect what you can’t see so deploying a Virtual Security Operation Centre (VSOC) will help you identify network blind spots, ensuring that network security policies are not being violated and also search for threats and alert you to any anomalies.
We often compare this kind of cyber security tool to having a smoke alarm in your house. Most of the time it’s not needed, but when it is you’re alerted to threats in real-time so you can respond appropriately and protect your business quickly and limit any damage.
Do you need support retrofitting cyber security controls for a remote workforce? If you have any questions or would like to explore how our cyber security team can help, book a discovery call to discuss your challenges and IT environment.