How to Maintain Security When Employees Work Remotely‍

Work conditions have changed in the last few years since the outbreak of the COVID-19 pandemic. Remote work has become a necessity for most organizations. According to the latest research projections, 25% of all professional jobs will be remote in North America by the end of 2022.

The benefits of remote have allowed this work mode to be maintained as lockdowns and other pandemic measures ease. The benefits include increased employee productivity and decreased office costs. However, remote working imposes additional security threats to an organization’s business continuity and data integrity.

This article discusses the challenges of working remotely and the remote work security best practices you can implement.

Work From Home Security Challenges

Hackers can expose threats on remote work computers more than on-premises ones. Many factors allow the hackers to exploit remote user sessions and eventually the internal work network. 

Here you can find the top factors that enable a cyberattack while working remotely:

• Unsecured network: Remote employees’ network security might affect the internal network security. Connecting to the internal network remotely using unsecured networks like public Wi-Fi imposes additional security threats like man-in-the-middle attacks. Hackers can then listen secretly to the connection to steal information. They can also impersonate the remote endpoint stealthily and send custom messages to attack the server.
• Unsecured devices: Hackers can easily penetrate personal devices that lack protection software like antivirus or anti-malware. Computer viruses and malware are spreading on the internet. When unsecured devices connect to the internet, viruses or malware can directly attack them. 

Devices that don't have up-to-date virus signature definitions are also vulnerable to attacks. Protection software uses the virus definitions to identify new viruses and protect against them. Missing a protection software enables scammers to attack the device when the user clicks a link in a spam email. Hackers can attack the corporate network using an unsecured device. They can also steal work-related sensitive data from a victim’s unsecured device.

• Outdated application/protocol: A remote work user might have old version applications or use unsecured protocols (like HTTP) on the device. These lead to the computer being not secure to connect to the work network. Usually, application vendors release security patches that address newly discovered threats. Choosing not to install these patches regularly increases the risk of an attack. Unsecured protocols also increase the ability of a hacker to attack. 
• Weak passwords: Generally speaking, remote work users that use personal devices like to have short and easy passwords to log in faster. The bad news is that these passwords can be compromised easily. 

Usually, there are no policies applied on personal devices to enforce password complexity. Hackers can use a brute force attack on a victim’s computer to guess the login info. Such an attack can easily calculate short and simple passwords. The hacker can then use these credentials to access the internal network and inject malware.

• Unpatched operating system: Users who work from home using personal devices don't patch their operating system (OS) regularly. These updates might include security patches and are better if installed as soon as they are made available. Missing security patches might keep backdoors for criminals to attack the computer. Then hackers can access the stored data, including work-related data (emails, files, etc.).
• Untrusted third-party applications: Remote work users usually use their own devices that might have untrusted applications. These applications might contain viruses or malware that can traverse the user session to the internal network.
• Data breach: Remote work users can save confidential or sensitive corporate data to their devices. Sensitive work-related data stored on personal devices are vulnerable to being stolen. If a remote worker loses the computer, a hacker can use recovery tools or techniques to restore the data.

Remote Work Security Best Practices

Organizations must enhance their remote work cyber security to protect their internal networks from external threats. These are the best practices you can follow:

• Limit authorization: Allow remote access only to the staff who need it. Restrict the remote access rights of remote workers to the required resources and data. Some remote workers might only need to access cloud-hosted applications, so you don’t need to give them remote access to the internal network.
• Virtual private networks (VPN): Security experts recommend connecting remotely through VPN tunnels to secure the connection between remote employees and the internal network. Follow the VPN best practices to boost the security it offers. Use standard protocols to connect like Internet Key Exchange/Internet Protocol Security (IKE/IPSec) instead of custom code protocols like Secure Sockets Layer/Transport Layer Security (SSL/TLS). Moreover, use powerful encryption algorithms like AES-256 to encrypt the traffic.
• Multi-factor authentication (MFA): Enforce MFA for remote users, whether they are authenticating to VPN or cloud applications. This authentication method prevents hackers from trying to impersonate the user to authenticate.
• Secure cloud applications: Software as a service (SaaS) is a secure alternative to some on-premises applications. Cloud providers take care of the security of the cloud-hosted applications to provide maximum protection against threats. Moreover, remote users using SaaS don’t need to connect to the corporate network. 

Although cloud providers take care of security, it is your responsibility to back up your cloud data. Use a robust backup and recovery solution that supports cloud backup, like NAKIVO Backup & Replication. For example, NAKIVO Office 365 backup enhances security using two-factor authentication to prevent unauthorized access and eventually data loss.

• Security training: Hackers can effortlessly attack users who lack knowledge about security threats and how to deal with them. Remote users are more vulnerable to being attacked by hackers. They should know how to identify and deal with security threats to protect their devices and the internal network. Conduct training campaigns for remote users to improve remote work cyber security. For example, remote users should be aware of the threats of connecting through public networks and avoid using them. They should also learn to create complex passwords and avoid using the same password across different solutions.
• Secure data sharing: Collaborate applications used for communication between remote users are vulnerable to additional cyber attacks. Remote users should not share sensitive work-related data through these applications. Instead, remote users must share data through encrypted methods like VPN tunnels. Secure remote workers even more by enforcing policies about data sharing and saving. For example, forbid data from being saved locally on the personal devices of remote users. Communicate these policies with the remote users to apply them.
• Limit personal devices: Try to limit the need for using personal devices by remote workers. If possible, let them use their corporate laptops from home. You can also use solutions that securely publish desktops or apps to remote users. These solutions allow users to launch applications or desktops through secure protocols and work as if they are on-premises. Alternatively, you can give remote users access to a terminal server through a VPN. This terminal server can host remote user sessions to open required applications or desktops.
• Zero Trust network access: Using a Zero Trust network architecture, all the devices connecting to the internal network from anywhere are untrusted by default. This approach provides access after verifying the identity of the device, the user authentication and other factors. The security concept behind Zero Trust is: never trust, always verify. This strategy protects against unauthorized access to corporate data and resources.

Conclusion

Working away from the office has become necessary in the last few years. Despite its importance during the pandemic time, remote work introduced security challenges. Remote users might use an unsecured network, devices, applications and protocols. They might set weak passwords for their devices, miss patching their OS, install untrusted third-party applications, or save locally sensitive data related to work. These insecure practices might affect the internal network and expose it to external attacks.

To mitigate the security risks of working remotely, organizations should follow security best practices to protect their business. Restrict remote access and authorization to what is needed. Furthermore, secure remote connections using VPN, MFA and Zero Trust network architecture to protect from unauthorized access or connection altering. Organizations should train their employees on cyberattacks and create security policies for remote users to apply. Additionally, published apps/desktop solutions and cloud-based applications can decrease the attack probability.