An Alphabet Soup for Securing Remote Workers: VPN, MFA, BC, IR, DR
The effects of COVID-19 have caused a number of businesses to move their entire in-house workforce to a remote workforce. Do you know who has been preparing for this Pandemic to transform global workforces? Hackers.
Malicious actors prey on weak security controls imposed by organizations of all sizes, from SMBs to the Fortune 500. For many companies, the support for a remote workforce has been in the business continuity plans for a while. For others, COVID-19 has presented a set of new risks and problems, in particular to their security infrastructure.
Working from home comes with a slew of distractions. On the IT side of things, a fully remote workforce preoccupies IT departments with ensuring that their endpoints, connectivity, and enterprise architecture are secure. For instance, the World Health Organization has had to double their cybersecurity staff by adding outside firms to help with the increased number of attempted cyber attacks since mid-March.
With a remote workforce being “the new normal, there are several basic steps your organization can take to protect your employees and your most vital proprietary assets.
• Having a strong Virtual Private Network (VPN)
• Using Multi-Factor Authentication (MFA), also termed “2FA”
• Continuously updating incident response (IR) policy, business continuity (BC) planning, and a disaster recovery (DR) plan
This alphabet soup for preparedness is one your entire organization needs to devour and one that hackers will definitely want stay away from.
The Basic Ingredients For Securing A Fully Remote Workforce
Now that your employees are working from home, how are they connecting to the office? VPN extends your private corporate network across a public network, which enables employees to send and receive data. Is your organization actively encouraging your employees to use VPNs for a secure connection to the corporate network? A recent survey by CISO Mag shows that only 70% of employees use a company VPN to securely log in to the company network.
Simply answering “yes” to using a VPN is not enough. Additional measures must be taken in terms of how employees are accessing VPN and how long that connection remains open.
- Your IT teams should be monitoring VPN traffic vigorously, looking for things such as anomalous patterns, which can be a sign of unwarranted access to your corporate network via malware or other cyber threats.
- Some companies let their employees access VPN and do not close that access unless their device is shut off or the employee manually logs out. Limiting the time that a VPN can be accessed within a certain window can provide additional security. By taking precautions, you can limit time spent in the corporate network via VPN by the number of hours or an 8 to 5 workday. This will force your employees to re-authenticate once they are kicked out.
- Accessing your company’s VPN via a password is no longer sufficient. Employing MFA to access networks and critical applications is a necessity. MFA provides an additional layer of protection and authentication to your network by proving an employee is who they say they are and that they have the permissions in place to access your network. If your employees’ credentials become compromised, MFA will protect against unauthorized access to your VPN and other business applications where it is required. MFA passcodes can come in many forms:
- Company-assigned physical token devices
- Email sent to a personal or private account
- SMS text messages sent to employee’s personal cell phone
- Phone calls to personal or private lines
The rapid increase in demand to work from home can stress your organization’s VPNs. In some instances, the capacity for remote connections will not be sufficient to accommodate the increased demand and will therefore push organizations to purchase additional hardware for on-premises systems or push them to cloud-storage alternatives. Keep in mind that upgrade patches and configured firewalls are day-to-day essentials for your IT team.
Creating a secure method for your employees to access the corporate network is just one aspect of protecting your IT infrastructure in these heightened levels of remote work. Improving your incident response (IR) planning and ensuring that they include processes around cyber-related events is also crucial for your security operations and IT teams. Continual testing and restoration backups need to be part of the response plan. Your employees should be regularly backing up their data on all company devices to the corporate servers to ensure recovery from cyber incidents. Additionally, IT teams and security operations should be testing all processes and procedures in the IR plan to ensure chains of escalation work without a hiccup. The procedures should be designed to enable your IT team to identify, mitigate, and recover from:
- Unauthorized access to systems or files as well as changes to that system hardware, software, or data
- Denial of Service (DOS) attacks
- Ransomware attacks
Adapt and Re-Adapt Your Business Continuity Planning and Disaster Recovery Plans
Business continuity challenges are rising in this new remote workforce as many organizations lack connectivity resources and security to support large workforces connecting from home using insecure Wi-Fi networks, in addition to using unsanctioned applications known as “Shadow IT.”
When is the last time you updated your BC and DR plans?
Your BC planning should revolve around the organization’s process during and after a disruption, while your DR planning applies to major information system disruptions that deny access to your infrastructure for an extended period.
Not only should your incident response (IR) planning include provisions for cybersecurity, so should your business continuity plans. The global pandemic is changing things rapidly and hackers are capitalizing on your organizations’ vulnerabilities. When updating your BC and DR plans, ideally you should think about what happens when your business will be hacked—rather than if. Being prepared and being able to adapt and re-adapt will reduce the effects on your workforce’s ability to continue operations, as well as the health and hygiene of your IT infrastructure.
Summary
This rapidly changing security landscape is the best time to review your security infrastructure. Continual planning during and after the pandemic will prepare your senior leadership teams for any future disruptions, including the practically overnight change to a fully remote workforce. Just like how COVID-19 measures from government officials have been put in place, the same applies to your IT infrastructure. Certain security measures must be tightened and applied to support your remote workforce and reduce any instance of a cyberattack.
Globalscape’s award-winning managed file transfer solution is used by clients in a multitude of industries all over the world to secure and automate their most private data while also adhering to strict compliance requirements such as GDPR, HIPAA, PIPEDA, and more. We understand the challenges you are facing in this new normal working world.
If you are interested in learning how we can help your business solve its digital business exchange contact us today at 1-800-290-5054 or on our website.
Also, check out our latest blog on how our Workspaces tool can help your distributed workforce collaborate securely and remotely.