COVID-19 forced many companies to create a remote work policy. In ideal circumstances, this shift would have allowed more time for optimizing long-term IT transformation efforts. Now, a year into the pandemic, many companies continue to operate in a flexible, work-from-anywhere environment.
Whether this is a temporary solution for the health and wellness of your team, or a deliberate choice to offset your office footprint, cyber security should be at the top of your priority list. We caught up with Vince Rocca, Chief Information Officer of Digital Hands, to get our top security questions answered.
From VPNs and collaboration tools like Slack to virtual desktops in the cloud, here’s everything you should know about keeping your data safe and your employees cyber-smart. After all, a company’s data is only as secure as the weakest individual link.
Are home computers safe to use?
The pandemic resulted in many employees having to use their home PCs. That’s always a problem because you just don’t know if those systems are secured or if they’re up to date with the latest patching. Do they have security software installed? If they do, is it updated? Is it a good security solution for their home computer?
What should you know about VPNs?
What happens a lot of times is that organizations will allow users to connect in with VPNs. A VPN extends the corporate network to the endpoint. So, you’ve got a home PC that is potentially insecure that now has a conduit into a corporate environment that could be a path in for any malicious software or malicious activity. That is, if that organization is allowing users to use their home PC.
What about popular collaboration tools?
Collaboration platforms like Slack, and especially Microsoft Teams, are not secured. Unlike other Microsoft products like Exchange Online, Teams does not include built-in protection. In other words, the information that is going back and forth in chat, the files that are being sent back and forth, the interaction that’s happening across those paths is not being scanned with traditional security tools. Those paths are completely wide open.
There have been several instances where vulnerabilities were discovered in which, just by the simple transfer of a picture file (a JPEG or PNG file), malicious software could have been transferred back and forth. Because that vector is not scanned for malicious activity, it can bypass defenses.
For example, a malicious external user or insider could be sending files and sensitive data and it would go unnoticed. Slack and Teams have proliferated like crazy during this time and so much information just isn’t scanned.
Sensitive information (health, financial, product-related and insights into revenue, for example) being intercepted is a concern, but it’s not the primary concern. It’s that the data can be transferred and your typical security measures like your anti-virus programs or endpoint detection and response platforms are not monitoring those vectors.
How does this affect remote worker termination?
There are all these workstations and laptops that are not corporate owned assets. With all this remote access going on, data is being exchanged between home/personal devices and a corporate network.
If there is a separation with the employee, that data may be left on that person’s personal computer. It’s very important that the right systems and processes are put in place to make sure that corporate data stays on corporate devices and is not left behind on users’ PCs.
At Digital Hands, we are very big proponents of giving people virtual desktops in the cloud. All that’s happening when they connect is that they are running a desktop that is not on their home PC. They’re not connecting to a corporate network; what they’re doing is logging into a system using multi-factor authentication and running a virtual desktop in a cloud environment that is controlled by Digital Hands, and there is no exchange of information with their home PC. Everything is contained within the cloud. So, if there is separation with the employee, there is nothing left on their PC, because everything was in the cloud.
What are some solutions?
We asked Vince for a couple of easy steps companies and teams can take to ensure that their security structures are up to date. Here are his biggest recommendations:
Enable multi-factor authentication
Are these physical devices secure from an access perspective? Have they implemented multi-factor authentication? Are timeouts configured? If the PC is idle for more than ten minutes, does it lock itself, or can someone just walk in and have access to a corporate environment?
Let’s say a person does get access to that corporate environment, are there other forms of protection in place? For example, are the applications also secured?
Offer security awareness training
With this new remote environment, many users don’t think that they have to protect their workstation. A lot of employees are used to a corporate environment where physical access is secure, unlike their home, which may not be.
Think of security awareness training as the next level of defense. Technology can only go so far. Training should cover everything from common-sense scenarios, like protecting your data and not leaving sensitive information on your screen and walking away, to more intricate security issues revolving around collaboration tools and VPNs.
Protect at an application level
We’re big proponents of making sure that security is in place both at the perimeter and at the application level. In the past, the mindset was that you just had to protect the perimeter, but that’s no longer the case; you have to protect multiple levels throughout the organization.
Invest in a cloud security service
We are so bullish about the cloud security service that we just launched because, in addition to scanning emails for malicious activities, it also scans Slack, Teams, OneDrive, and other tools that are widely used today. It scans not only for malicious files but also for behaviors and exfiltration of data that could be malicious from both external and internal users.
The Bottom Line
Thorough onboarding is extra important here, because some employees will be naturally more tech-savvy than others. Ongoing maintenance of the safety checks should be prioritized as well. Encrypting your devices, using supported versions of your device’s operating system and keeping the operating system and software up to date should all be enforced.
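
The controls named in this article (multi-factor authentication, a ten-minute idle lock, device encryption, a supported and patched operating system, current security software) can be checked per device before remote access is granted. The following is an added example, not code from Digital Hands or the original article; the `Device` fields, the 30-day patch window, the supported-OS list, the sample inventory and the routing of non-compliant home PCs to a virtual desktop are assumptions for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Assumed policy: only the ten-minute idle lock comes from the article.
MAX_IDLE_LOCK_MINUTES = 10
MAX_PATCH_AGE_DAYS = 30                          # illustrative patch window
SUPPORTED_OS = {("windows", 10), ("macos", 11)}  # illustrative list

@dataclass
class Device:                 # hypothetical inventory record
    name: str
    os_name: str
    os_major: int
    disk_encrypted: bool
    last_patched: date
    idle_lock_minutes: int    # 0 means the screen never locks
    mfa_enrolled: bool
    security_software_current: bool

def posture_failures(dev, today):
    """Return the controls this device fails; an empty list means compliant."""
    checks = [
        ("unsupported_os", (dev.os_name.lower(), dev.os_major) in SUPPORTED_OS),
        ("disk_not_encrypted", dev.disk_encrypted),
        ("patches_stale", (today - dev.last_patched).days <= MAX_PATCH_AGE_DAYS),
        ("idle_lock_missing_or_too_long",
         0 < dev.idle_lock_minutes <= MAX_IDLE_LOCK_MINUTES),
        ("mfa_not_enrolled", dev.mfa_enrolled),
        ("security_software_outdated", dev.security_software_current),
    ]
    return [name for name, passed in checks if not passed]

def access_decision(dev, today):
    """No MFA: deny. Compliant: VPN. Anything else: isolated virtual desktop."""
    failures = posture_failures(dev, today)
    if "mfa_not_enrolled" in failures:
        return "deny"
    return "vpn" if not failures else "virtual_desktop"

# Constructed sample inventory, evaluated on a constructed date.
TODAY = date(2021, 3, 1)
INVENTORY = [
    Device("corp-laptop", "Windows", 10, True, date(2021, 2, 20), 5, True, True),
    Device("home-pc", "Windows", 7, False, date(2020, 6, 1), 0, True, False),
    Device("contractor-mac", "macOS", 11, True, date(2021, 2, 25), 10, False, True),
]

if __name__ == "__main__":
    for dev in INVENTORY:
        print(dev.name, access_decision(dev, TODAY), posture_failures(dev, TODAY))
```

The unmanaged home PC fails five controls and is kept off the VPN, which matches the article's point that such a machine should not become a conduit into the corporate network.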