Many IT specialists are supporting fully remote teams for the first time ever, so it’s important for everyone to operate with the same caution as (if not more than) they would if everybody were in an office. With an increased risk of employees falling prey to cyber attacks, business leaders must leverage new policies and technologies to keep their companies and employees safe.
Here are five tips for IT specialists to mitigate the cybersecurity risks while employees are working remotely:
Hardware platform security has become even more important. Sophisticated hackers are able to compromise or bypass operating systems’ security protections by gaining root access or compromising the BIOS software underneath the OS. With a predominantly remote workforce, ensuring that employee devices have capabilities like BIOS resilience is more important than before.
Technologies like self-healing BIOS can help mitigate the risks of attacks below the OS, where detection and remediation are challenging. Having these safeguards in place can ensure employees will not need to replace or reinstall hardware, provide detection and automatic recovery of the firmware system in the case of BIOS corruption or compromise due to malware, and provide peace of mind.
No longer is work done just within the confines of the corporate network and access points. While this is something we were starting to see long before COVID-19, what has changed now is the almost overnight shift to work taking place exclusively outside of the confines of the four walls of the office.
While most of the world is under shelter-in-place restrictions and using their devices from home, it’s only a matter of time before workers across the globe begin heading back to shared workspaces, coffee shops, planes and everywhere else in between.
Addressing the risks posed by potentially logging onto a rogue access point is a vital consideration. Employees must be diligent in making sure that they are not logging onto the wrong Wi-Fi network (sometimes one with a slightly changed name or number). IT specialists should continue to hold employee training sessions on the danger of unsecured access points.
Credential and access management has long been a challenge for IT teams, many of which are over-burdened and short-staffed due to critical talent shortages. Addressing the basics goes a long way toward mitigating credential theft and, as a result, malicious access to more sensitive data and systems: make sure users don’t have administrator rights, have access only to the systems, repositories, shares and networks that they need, and have it only for as long as they need it.
Zero trust goes beyond the usual marketing hype to emphasize access and privileges. The reality is that attackers are becoming increasingly sophisticated and operate like criminal corporations (i.e., they have a chain of command, an organized structure and financial motivation).
By adopting a zero trust model, we assume a “guilty until proven innocent” mindset in security. To frame it more gently, it’s about giving access and privileges on a “need-to-know” basis.
The estimated current cybersecurity workforce is 2.8 million professionals, while the number of additional trained staff needed to close the skills gap is 4.07 million professionals, according to (ISC)². Combine this with attacker sophistication, data sprawl, cloud adoption, exponential growth in devices and more, and you have a recipe for disaster. To tip the scales in your favor, you have to leverage artificial intelligence at the endpoint.
These solutions are able to detect malicious activities and respond almost automatically to isolate the attack from the network and auto-immunize the endpoints against newly discovered threats. Some even offer the possibility to roll back an endpoint to its pre-infected state. However, there is a caveat all developers and employers should understand: not all AI is built the same. As a security team, it is important to understand your challenges and leverage contextual AI when applicable.
While COVID-19 has challenged businesses to think about security in a new way, the risks will not vanish once employees start getting back to the workplace. For example, if any machines were compromised while employees worked from home, those machines can offer cybercriminals a door into your business once they are reconnected to the corporate network. It is thus vital for business leaders to employ these security measures now, preventing the potential for a reputation-damaging breach down the road.