Remote Work-Force: Security Tips For Working From Home
Picture this: you are in the middle of an online conference on a popular video communication platform like Zoom. Midway, a colored image of none other than global music icon Kanye West pops up on your screen. Of course, you mumble at the other participants, wondering why they are sharing an uncalled-for image. No sooner has the surprising photo appeared than you hear a strange voice (perhaps with a different accent) shouting obscenities into your meeting. Ladies and gentlemen, you have just been “Zoom-bombed”. This phenomenon has happened to thousands of people all over the globe. It shows that online security needs to be taken seriously, especially when working from home, and that is the main topic of this discussion.
Millions of people all over the world now work from home, and the number is bound to increase by the day. According to Up Work Global, for example, there will be an increase of 78% of remote workers in all departments by 2028. These workers have just been thrown into the deep end of managing their own ‘IT environment’. I will therefore provide a few tips for the end-user working from home who may not know the A-Z of security, as well as what the organization can do to improve the security of its data and devices.
Before getting to that, we first need to know what threats are out there and why we should be afraid. Data from SentinelOne, an artificial intelligence endpoint security platform, shows that from February 23rd to March 16th there was an upward trend in attempted attacks, with peaks of 145 threats per 1000 endpoints compared to 30 or 37 in the previous period. Several of these attacks show that cybercriminals are working overdrive during the COVID-19 crisis. Consider how many links about Coronavirus appear on your social media platforms and in your emails on any given day; one cannot guarantee that all of them are well-intentioned. One of the biggest threats right now is phishing. Phishing is a fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details by disguising oneself as a trustworthy entity in an electronic communication, typically email, instant messaging, social media, voice phone calls, etc. For example, if it is carried out through email spoofing, the victim opens an email that directs them to a fake website prompting them to enter personal details (e.g. address, contacts, credit card details). The most effective phishing plays on emotions and concerns. For example, right now most phishing attacks come in the form of COVID-19 information and data, which the whole globe is heavily concerned about. Through an ordinary search, you may be shocked at the number of WHO URLs available on the world wide web that spread all sorts of fake news and seek people’s personal information.
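To illustrate the fake “WHO” links described above, here is an added Python example (not part of the original article) that checks where a link really leads before anyone clicks it. It assumes `who.int` is the official domain you want to trust; the function names and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the domains your organization treats as official sources.
TRUSTED = {"who.int"}

def registered_under(host, domain):
    """True only if host is the domain itself or a genuine subdomain of it."""
    return host == domain or host.endswith("." + domain)

def classify_link(url, trusted=TRUSTED):
    """Return (verdict, reason) for a link received in an email or message."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "suspicious", "no hostname"
    if parts.username is not None:
        return "suspicious", "text before '@' is not the destination: " + host
    if any(label.startswith("xn--") for label in host.split(".")):
        return "suspicious", "punycode host can render as look-alike letters"
    if any(registered_under(host, d) for d in trusted):
        if parts.scheme != "https":
            return "suspicious", "trusted host but not HTTPS"
        return "trusted", host
    for d in trusted:
        brand = d.split(".")[0]
        if d in host or brand in host.replace("-", ".").split("."):
            return "suspicious", "mentions " + d + " but is hosted on " + host
    return "unverified", host

# Constructed sample links (the .example hosts are placeholders, not real sites).
SAMPLES = [
    "https://www.who.int/news",
    "https://who.int.covid-updates.example/login",
    "https://who.int@covid-relief.example/",
    "http://who-int.example/donate",
    "https://news.example.org/covid",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(classify_link(link), link)
```

A link counts as trusted only when the hostname ends in the official domain; a familiar name appearing somewhere else in the address is exactly what the look-alike links rely on.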
Other threats include OS vulnerabilities, app vulnerabilities, network, browser/email, USB/external devices and insider threats. These could take the form of malware, spyware, viruses, ransomware, DoS (denial-of-service) attacks, man-in-the-middle attacks, etc. The list goes on and on, and the ‘bad people’ keep coming up with new ways to attack daily.
An enterprise will ordinarily have an IT and Security team that constantly monitors these threats and works out how to mitigate the risks to the organization’s information system. However, working from home brings up another conundrum that several companies are barely prepared for: managing the security of their data with several remote workers. The other risk is individuals not knowing what steps to take to ensure that they are not exposed to the threats mentioned above. The risk, however, is not only for large enterprises but also for Small Businesses (SMEs) and individual freelancers who may not be used to working outside the comfort of offices and may be unaware of the ever-growing threats to data security from working remotely.
What are some basic standard practices everyone can follow to play their part in this?
- Good password hygiene
This includes regularly changing your password, avoiding the save-password option on your browsers/devices, using Multi-Factor Authentication, using complex passwords, etc.
- Update systems and software
Hackers, along with malicious programs or viruses, find weaknesses in software (called vulnerabilities) that they exploit to access your computer, smartphone or tablet. Installing updates fixes these vulnerabilities and helps keep you secure.
- Secure your Wi-Fi Access Point
First and foremost, do not retain the Wi-Fi name and password handed over to you by the ISP. It is critical to change these, as most Internet Service Providers use generic passwords, which leaves the access point vulnerable to attackers.
- Use a VPN (Virtual Private Network)
This is especially critical if you are using public Wi-Fi in a cafeteria or airport (assuming you are tired of social quarantine).
- Use company approved storage solutions
This is an especially difficult one, because our default storage destinations are the hard disks of the devices we use or free cloud storage providers (Dropbox/Google Docs). However, if your company is subscribed to a corporate cloud service or is linked to a secure remote storage device, it is advisable to always use these to store documents, e.g. Office 365 (OneDrive), Google Docs, Dropbox, etc.
- Use company approved Applications / SaaS (software as a service)
When working from home it is always more convenient to use applications that you are already used to. However, this opens up security challenges and leaves corporate data susceptible to threats. You are therefore advised to always use company approved applications for anything work-related. These are often properly vetted and kept updated with security patches.
- Be wary of COVID-19 scams
I am sure by now you have received an overload of COVID-related information. This presents an amazing opportunity for hackers to mask themselves in all this information and launch attacks on critical data and systems. Always do your due diligence and check the validity of all COVID-19 related links, websites, emails, data, etc. You are advised to treat all information released as false until you have verified it.
- Separate work and personal devices
This is by far one of the more difficult ones and may not be feasible for most people and organizations. However, wherever possible, use separate laptops/tablets/smartphones for work and for personal use.
- Check your environs. This instruction should be taken literally, as it means exactly what it says. Always ensure you know what/who is around you; there are always people lurking around to see what you are working on, what your passwords are, and how valuable your device is.
- Lock devices when going out for supplies or leaving kids/roommates in the room. This is also good practice to avoid, for example, someone else accidentally opening a harmful link that could leave the machine compromised.
- Keep devices safe and try to work in your own space at home.
- Always cover your webcam when you are not using it. In case you do not have one of those free webcam stickers, one can use masking tape. Hackers can access your camera and view your activities.
What can the CTO/ IT administrator do?
When dealing with cybersecurity for remote workers, the organization is advised to have a ‘Zero-Trust’ policy. This means trust no one and assume that each endpoint/user is vulnerable to cyber threats. Modern security needs to match the flexibility of modern working. This poses another challenge, however: too much control over what users do could push them to work outside the confines of the organization. There needs to be a balance between tight and loose security to encourage staff to be productive and work efficiently. Below are some examples of measures an organization can take:
1. Train staff on effective security practices
This cannot be emphasized enough. It is one thing for an organization to have the best security personnel and cutting-edge cybersecurity tools; however, security is only as good as the gatekeepers. This is especially true when it comes to remote workers. The endpoints are the most vulnerable points of entry into an organizational network, hence the need to sufficiently train end-users on best practices.
2. Update VPNs and test for mass usage of VPNs
This is especially useful for multinational enterprises that have employees operating in different geographies. Different countries have different approaches to the usage of the internet. This means that for an organization to operate smoothly with people all over the globe, there needs to be a harmonized ‘network’ where team members feel safe to work and share content.
3. Behavioral analytics tools
Behavior analytics in cybersecurity is roughly defined as using software tools to detect patterns of data transmissions in a network that are out of the norm. There are various tools out there with which the CTO/CSO can enable this level of security and control.
4. Increase attention to remote access cybersecurity tasks, including log review, attack detection and incident response/recovery
5. Web and email filters
This falls in line with the Zero-Trust policy mentioned above. It is assumed that threats will always be there and that each device is going to be attacked. One cannot assume each user will know which link or which email is ‘good’ or ‘bad’. This is where web and email filters come in handy. These filters prevent users from accidentally or intentionally opening or forwarding harmful links.
6. Cloud Security
For an effective remote working policy to be in use, businesses will implement various cloud-based services, whether cloud storage, SaaS applications, Infrastructure as a Service, etc. As the organization embraces cloud computing more and more, security threats to cloud services are bound to increase as well. Organizations therefore need a set of policies, controls, procedures and technologies that work together to protect cloud-based systems, data, and infrastructure.
7. Enable MFA for access to corporate data and applications.
MFA (Multi-Factor Authentication) is a security system that verifies a user’s identity by requiring multiple credentials, for example by sending a text message to your phone or email with a one-time password.
8. Enable RemoteSec by updating cybersecurity policies to include home working
RemoteSec is a set of security tools, policies, and protocols that govern the IT infrastructure supporting remote teams.
There are various tools from various vendors that individuals and organizations can adopt to enhance their online security regarding ‘home working’:
- Malwarebytes: This is leading anti-malware software installed on endpoints to protect your network from malicious software, including rogue security software, adware, ransomware, cryptojacking and spyware.
- Microsoft: Microsoft has various tools that can assist with protecting the network from attacks emanating from remote teams. Azure Active Directory enables the organization to deploy apps, centrally deploy security protocols such as MFA (Multi-Factor Authentication) and SSO (Single Sign-On), and set policies. Microsoft Defender Advanced Threat Protection is a platform designed to help enterprise networks prevent, detect, investigate and respond to advanced threats. It is also able to provide cloud security and threat intelligence, which is especially useful for those using the various Microsoft cloud computing services.
- Armour Comms: This is a system that provides government-grade encryption for secure communications (voice, video and data) on everyday smartphones and tablets across all popular platforms.
- Citrix Workspace: This is a comprehensive virtual workplace solution that includes advanced security controls for SaaS and web, unified endpoint management, and Content Collaboration.
The above are just a few of the measures that can be taken. You can never be 100% secure, and hence you must ensure you have done your level best to keep your data protected. If you require any of the services mentioned here, feel free to reach us at: email@example.com