Predictably, cybercriminals seeking to capitalize on the COVID-19 pandemic with waves of cyberattacks. Many are specifically targeting the huge numbers of people worldwide who are working from home to reduce the spread of the virus.
Remote workers are inviting targets because they lack many of the digital protections that exist in a secure office environment. At-home workers often connect to the corporate network across the public Internet, which creates heightened risk.
In a recent alert, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) outlined some of the risks. CISA noted that hackers are looking for unpatched virtual private networks (VPNs) and ramping up phishing email designed to steal network credentials.
We suggest the following practices for securing remote access and reducing the risk of attacks and data breaches during this unprecedented crisis:
Update your VPN regularly. Data transmitted through a VPN tunnel is encrypted and protected in transit. With VPNs experiencing heavy use, organizations often figure they can’t afford the downtime required to install updates and security patches. That’s a mistake. Research shows that VPN attacks are a prime method of stealing credentials and compromising networks.
Consider split tunneling. The sudden increase in usage can overload VPNs, leading to slowdowns and packet loss. Split tunneling can alleviate bottlenecks and conserve bandwidth by routing non-essential traffic such as web browsing away from the VPN server.
Require multifactor authentication (MFA). Don’t rely on passwords alone for remote access. Industry analysts say as much as 80 percent of all data breaches involve weak, default or stolen passwords. MFA requires a combination of verification factors, such as something the user knows (a password or PIN code), something the user has (a security token or mobile app) and something the user is (a biometric identifier).
Implement identity access management. IAM tools manage access privileges by combining user provisioning, password management, strong authentication, single sign-on and other technologies into comprehensive platforms. These tools can be used to enforce least-privilege access principles that ensure users can access only the data and systems necessary for their jobs.
Secure all endpoints. Remote workers may use a variety of devices to access network resources, which creates multiple attack surfaces. Endpoint security solutions usually consist of software loaded on a server or gateway appliance, where it can be accessed by devices with lightweight client software. The server authenticates logins from the endpoints and updates the client software when needed.
Consider network access control. NAC solutions enforce policies that manage and control which users and what devices can access corporate networks. Policies for endpoint configuration, authentication, user identity and more establish the conditions that must be met before access is allowed.
Offload firewall management. Firewalls are essential for preventing unauthorized access, but they can be difficult to configure and manage. Gartner analysts say that almost all firewall breaches are caused by misconfiguration issues. A qualified managed services provider can perform the dedicated monitoring and management required to ensure firewalls are always properly patched, updated and audited.
Stress good Wi-Fi practices. Remote workers should never use public Wi-Fi networks when connecting with the corporate network. Hackers often mimic the names of legitimate public networks or create rogue access points to hijack a session and steal credentials or launch malware.
Remote work has been trending upward for a decade, but the current health crisis has made it mandatory in industries worldwide. It is therefore essential that organizations and their employees understand the potential risks and do all they can to minimize their vulnerability. Contact Verteks for help ensuring that your remote workers can access company resources securely.
