Just when network teams thought they had their networks under control, everything went sideways because of the coronavirus crisis. Many people were caught off guard as they were forced to deploy and support a remote workforce like no one ever imagined. Security was challenging before, but remote work presents additional security headaches. Yet, a silver lining is visible.
Most of the network security challenges are nothing new. What is new, however, is the reality that the users, systems and information teams are trying to protect are, in many ways, no longer under their control. Users are calling their own shots, and network teams don't even see it happen. This type of situation, which most organizations are experiencing, is riddled with risk.
Remote access security risks
Whether the network threats are intentional or not, they're still predictable. Hackers, malware and even users themselves routinely pose certain security hazards. Many remote access security risks abound, but below is a list of the ones that jump out.
1. Lack of information
The first risk is a lack of information about traditional network security technologies, such as firewalls and intrusion prevention systems, as those systems may be largely out of the equation now.
2. Password sharing
Users share passwords among websites and users of their computers, especially when personal devices are involved.
Software that is installed on computers, tablets and phones may violate an organization's security standards and put sensitive information, VPN connections and more at risk.
4. Personal devices
Laptops, tablets, phones and other devices may not be encrypted and, therefore, could expose corporate assets and network connections, especially when these systems are removed from users' homes.
Patching presents another potential security flaw. Patches are sometimes not applied because users are either not used to seeing the prompts or they just don't want to deal with them.
6. Vulnerable backups
Another risk is endpoint data that isn't backed up or is being backed up to vulnerable or unsupported media, such as USB hard drives and consumer-based cloud services.
7. Device hygiene
Users often buy and sell computers, tablets and phones without properly reloading or sanitizing the hard drives, exposing them to security threats.
8. Phishing attacks
In addition to the above risks, teams also increasingly face phishing threats and related attacks, including smishing and vishing.
Combine these issues with a newly expanded attack surface and all the distractions of working from home, and enterprises have a formidable security challenge on their hands -- arguably, more than they've ever experienced.
How to prevent remote access security risks
The essence of an organization's network security challenge is users are now, more than ever, making security decisions on the network team's behalf. Teams should think about what they can do to minimize such decisions or at least minimize their effect on the business. Consider the following methods.
Could you ratchet up your policies or security training? Now is probably not the time to inundate users with emails about phishing scams. What else can you do? Odds are you're not going to get everyone on the same web conference. What about creating some interesting videos on YouTube that you can share? Maybe now is the time to purchase a good awareness and training platform. Just be sure to get HR involved as its voice in the security discussion is critical.
Can you push out technical controls to further lock things down? Technical controls are a great way to modify behaviors. Do you have remote access mastered? What about your endpoints? What about web access and content filtering? Are there cloud services that need to be further secured? This may not be a good time to roll out multifactor authentication, but it can certainly buy you a lot of security.
Do you need more information about your users' computers in order to make better security decisions? A simple tool such as Speccy can provide good insight into what's running in your environment and what might need improving.
Communicate with users
Now is not the time to do more of the same with network security. Instead, you've got to figure out how to get your users working for you rather than against you. The same boring messages and dictates are not going to work. You'll have to get creative as you address remote access security.
Ask the tough questions so that everyone is accountable. Push out messages of positivity and encouragement that will help get and keep your users on your side. Free tools, such as those offered by Lucy Security and SANS, can help lighten the load.
Find the security gaps
Unless and until technical staff, employees and management are working toward the same goals in terms of security standards, policies and expectations, there will be tangible risks. Most people have already established their baseline in this new normal. However, from what I'm seeing and hearing from clients and colleagues, there are still lots of opportunities to properly mitigate certain threats and vulnerabilities.
Don't just address these areas of network security now and then get back into your old ways once the pandemic subsides. Look at this coronavirus situation as an opportunity to make your network security program better. Find where your gaps are and what needs to be fixed -- and how it can be fixed -- while also taking a long-term perspective. IT and security will never be the same. If you gain control over and master the difficult things now, you'll be golden when the next situation arrives.