The United States recently marked a grim milestone: one year since the COVID-19 lockdown first came into effect. When workplaces across the country first shuttered their physical offices and pivoted to remote work, many organizations were unprepared. These rushed transition efforts meant that priorities like keeping the network secure took a back seat to more pressing concerns.
However, one year in, we have moved past the hasty, last-minute efforts to extend connectivity and leverage remote work tools. With almost a year of remote work under our collective belts, we’ve had the time to understand which areas of the network each individual needs to access to complete their work tasks. This means organizations have now had the time to design and implement a robust, layered security plan to safeguard corporate digital assets.
Remote Cyber Security Basics: Warning Signs Your Network May Be Vulnerable
In a previous article, we discussed a few signs that may indicate your network security is lacking. Red flags that indicate your security posture needs to be strengthened include:
When it comes to security, not all employees may be as diligent as your on-site networking team. Home networks usually aren’t as secure as their corporate counterparts, and they can play host to a wide variety of devices that may also lack strong security protocols (such as IoT devices and gaming consoles).
To help keep your network secure, you may want to consider setting minimum Wi-Fi security standards and investing in secure wired and wireless access products such as Ruckus’ Cloudpath.
Shared Accounts and Passwords
Individual usernames and passwords, rather than shared ones, not only help keep your network safe; they also identify which individuals took which actions. Accurately tracking which users completed which action (such as sending a sensitive file or deleting information) is vital for holding everyone accountable.
End users who reuse the same password for multiple accounts present a significant security risk. If one password becomes compromised (on the Dark Web, perhaps, in a data leak), bad actors could have access to corporate tools and data.
Easy-to-Guess Usernames and Passwords
Your username should never be “Admin”, and your password should never be “password”. Pick passwords that aren’t easy to guess and ensure you have a robust password policy in place. For more information on passwords, please see the Robust Password Policies section of this article.
No Account Lockdown Limits
Password cracking tools allow bad actors to try thousands of passwords each minute in an effort to guess the correct password. This is called a brute force attack. Limiting the number of incorrect passwords a user can try before being locked out is highly effective against these types of attacks.
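The lockout limit described above, sketched as an added example (not code from the original article). The threshold, counting window and lock duration are assumed values, and the login events are constructed sample data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values for illustration; tune them to your own password policy.
MAX_FAILURES = 5
WINDOW = timedelta(minutes=15)    # failures older than this stop counting
LOCKOUT = timedelta(minutes=30)   # how long a locked account stays locked


class LockoutTracker:
    def __init__(self):
        self.failures = defaultdict(deque)   # user -> times of recent failures
        self.locked_until = {}               # user -> time the lock expires

    def attempt(self, user, when, password_ok):
        """Return 'ok', 'failed' or 'locked' for one login attempt."""
        until = self.locked_until.get(user)
        if until is not None and when < until:
            return "locked"                  # refused even if the password is right
        if password_ok:
            self.failures[user].clear()
            return "ok"
        recent = self.failures[user]
        recent.append(when)
        while when - recent[0] > WINDOW:     # slide the window forward
            recent.popleft()
        if len(recent) >= MAX_FAILURES:
            self.locked_until[user] = when + LOCKOUT
            recent.clear()
            return "locked"
        return "failed"


def replay(events):
    """Feed (user, seconds_offset, password_ok) tuples through one tracker."""
    start = datetime(2021, 3, 15, 9, 0, 0)
    tracker = LockoutTracker()
    return [tracker.attempt(u, start + timedelta(seconds=s), ok) for u, s, ok in events]


# Constructed sample: rapid guessing against one account, slow typos on another.
SAMPLE = (
    [("jsmith", s, False) for s in range(5)]        # 5 wrong guesses in 5 seconds
    + [("jsmith", 5, True)]                         # right password, but locked
    + [("adoe", m * 600, False) for m in range(5)]  # one typo every 10 minutes
    + [("jsmith", 31 * 60, True)]                   # lock has expired
)

if __name__ == "__main__":
    print(replay(SAMPLE))
```

The rapid guesses trip the lock on the fifth failure, while the user who mistypes once every ten minutes never accumulates five failures inside the window.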
Not Using MFA
Multi-factor authentication (MFA) requires users to perform a secondary action, as well as enter the standard username and password to log in. This secondary identifier may include biometrics (such as a fingerprint scan) or a randomly generated, temporary key that is sent to a secondary device (such as a phone). Bad actors then need to have the username, the password, and either the biometric variable or the device that receives the temporary key to successfully access the network, greatly reducing their chances of success.
Not Limiting Who Has Administrator Privileges
Calling IT every time you want to install a new program may be annoying, but limiting administrator privileges to a select few team members is a great way to prevent the spread of malware should one of your endpoints become infected.
Administrative accounts have more permissions and control, which means malware can more easily make changes on the device (install itself, for one) and access sensitive areas of the network (such as databases containing private information, financial records, or other sensitive digital assets). By limiting administrator access to a must-have basis, you can also help ensure that bad actors can’t use compromised credentials to access the more sensitive areas of your network.
No Cyber Security Training
You can’t defend your network from malicious actors if your team can’t recognize threats or quickly and effectively respond to an incident. All end users should know how to identify threats (including suspicious emails that may be phishing scams in disguise) and to whom they should report suspicious activities, without fear of punishment. Ongoing cyber security training helps ensure your team’s skills stay sharp so they can recognize, and respond to, potential threats effectively.
You Don’t Have an Acceptable Use Policy in Place
Having an acceptable use policy that outlines what steps employees should take to safeguard your organization (such as not writing down passwords) and clearly states what activities are acceptable on business-provided technology is good from both a legal and a cyber security standpoint. This policy should be reviewed annually, and all individuals accessing your network should have to re-sign the policy any time it is updated.
You’re Relying on One-Size-Fits-All Firewalls
When it comes to technology, one-size-fits-all often means one-size-fits-none. Off-the-shelf cyber security products aren’t usually robust enough to safeguard your digital assets effectively and can’t be configured to ensure they meet your needs. True enterprise-grade firewalls receive regular updates to help ensure they can recognize new strains of malware and are able to better interface with your network to identify and block malicious traffic and quarantine potentially infected machines.
Your Endpoints Aren’t Encrypted
Endpoints (such as computers, tablets, and smartphones) act like doors, allowing individuals to access your network. When these endpoints aren’t encrypted, a single stolen laptop or lost smartphone means bad actors can easily access files and other sensitive information.
You Don’t Use Antivirus Software
Antivirus software is an effective tool in the fight against bad actors. Modern antivirus solutions are regularly updated to ensure they can readily identify current strains of malicious software (including ransomware), and they can be trained to recognize and flag unusual user activities (such as logging in at strange times or from unexpected locations), which may indicate a user’s username and password have been compromised. Should your antivirus detect suspicious activities, it can quickly and easily quarantine compromised accounts and devices to limit the reach of malicious actors and malware.
Your Backups are Stored on Your Network
Should you be targeted by a ransomware attack, your backups may be your only chance at recovery. Storing your backups on your network, however, may allow malicious actors to encrypt them as well, defeating their purpose.
Common Threats in the Remote Work Era: Ransomware & Phishing Scams
One of the first steps all organizations need to take to improve their cyber security posture is to be aware of common threats.
Ransomware is a form of malware (malicious software) that encrypts victims’ files. Once the files are encrypted, the bad actor behind the attack demands a ransom from the victim in exchange for restoring access to the data or system.
Though you don’t have control over whether you are targeted by a ransomware attack, there are a few steps you can take to deter bad actors and safeguard your network:
- Keep your operating system patched and up to date. When software companies discover vulnerabilities in their products, they release security patches.
- Limit administrator privileges and don’t install software without vetting it first. Limiting administrator privileges to a few well-informed cyber security and networking experts helps reduce the chances of someone inadvertently downloading ransomware. Also, always make sure you know exactly what a piece of software will do before you download it onto your network.
- Back up your files regularly and keep them separate. Though backups won’t prevent ransomware attacks, they do allow you to access slightly older versions of the encrypted data. Depending on when you last backed up all the files on your network, you may be able to restore those files from the backup and avoid paying the ransom.
For more information on ransomware and steps your organization can take to safeguard your digital assets, please consider reading these other Mirazon articles:
- Anti-Ransomware Armor: Prevention and Mitigation Tips and Strategies
- Tips for Preventing Ransomware Attacks
- A Case for Using Group Policy to Prevent Ransomware from Running
Phishing scams involve tricking unsuspecting users into revealing private information or granting access to sensitive areas of the network. Bad actors pose as trusted individuals or institutions (such as your boss or your bank) and use that trusted relationship to try and trick you into:
- Handing over sensitive information (such as usernames, passwords, or banking details)
- Downloading malware
- Visiting a website that contains malware
A troubling report from Open Text found that one in five respondents have received a phishing email. The average respondent received 70 emails per day (up 34% from 2019), and with work from home likely to remain the norm for quite some time, this trend is likely to continue. This increased email load means users need to dedicate more brainpower than usual to differentiate between legitimate requests and correspondence and potential phishing emails.
One strategy organizations can use to help fight phishing scams is flagging external emails. This simple step can help users better differentiate between legitimate emails from their boss or co-workers and external malicious actors impersonating trusted colleagues.
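An added example (not from the original article) of the external-email flag described above, including the case of an outside sender using a colleague's display name. The internal domain, staff names and messages are constructed, and the check reads only the From header, which is a simplification of what a mail gateway does.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions for illustration: the organization's domain and a staff directory.
INTERNAL_DOMAINS = {"example.com"}
STAFF_NAMES = {"dana reyes", "sam patel"}
TAG = "[EXTERNAL] "


def is_internal(domain):
    return any(domain == d or domain.endswith("." + d) for d in INTERNAL_DOMAINS)


def flag_external(raw):
    """Return (subject_to_display, warnings) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    subject = msg.get("Subject", "")
    warnings = []
    if not is_internal(domain):              # a missing From is treated as external
        if not subject.startswith(TAG):
            subject = TAG + subject
        if name.strip().lower() in STAFF_NAMES:
            warnings.append("display name matches a staff member, sender is external")
    return subject, warnings


# Constructed sample messages.
INTERNAL = "From: Sam Patel <sam.patel@example.com>\nSubject: Q1 budget\n\nDraft attached.\n"
LOOKALIKE = ("From: Dana Reyes <dana.reyes@example-mail.net>\n"
             "Subject: Need the company card details\n\nI misplaced my card.\n")
VENDOR = "From: Billing <billing@vendor.example.org>\nSubject: Invoice 1042\n\nThanks.\n"

if __name__ == "__main__":
    for sample in (INTERNAL, LOOKALIKE, VENDOR):
        print(flag_external(sample))
```

The internal message passes through unchanged, the vendor message gains the tag, and the message that borrows a staff member's display name gains both the tag and a warning.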
Steps You Can Take to Secure Your Remote Workforce
Here are a few basic steps your organization can take to help secure your remote workforce and safeguard your digital assets:
Invest in End-User Education
User education is critical. Even the most comprehensive cyber security strategy is worthless if your team doesn’t have the skills and training to implement it properly. Make sure employees and other users know to evaluate emails, phone calls, and other forms of communication with a critical eye and know to whom they should report suspicious activities. When in doubt, employees should verify requests independently. This could mean calling your boss to double-check if they really did just ask you to hand over your company credit card details because they’ve “misplaced” their card.
All new hires should undergo robust cyber security training as part of their onboarding process, and all employees should receive refresher training frequently. You should also give end users the opportunity to test their skills. This may involve sending out fake phishing emails to see who responds or running penetration (pen) tests or tabletop exercises.
Pen tests involve hiring an ethical hacker to stress test your defenses and share their findings with you so you can address any vulnerabilities they find before malicious actors find and exploit them. Tabletop exercises act like cyber security fire drills, presenting your team with a hypothetical security incident that they need to remediate. This no-stakes environment lets your team both test the skills they learned during cyber security training and evaluate the efficacy of your current policies and procedures. When the scenario is over, you and your team sit down and evaluate both their performance and your current cyber security posture so any deficiencies can be addressed as soon as possible.
Robust Password Policies
The idea of a password may be simple, but a bad password can be the difference between thwarting an attack and letting a bad actor waltz onto your network unimpeded. To ensure employees are selecting good passwords, you should have a strong password policy in place.
To help you develop your password guidelines, the National Institute of Standards and Technology (NIST) publishes and regularly updates password guidelines.
How Remote Work Affects Your Network Support Requirements
Remote work dramatically increases the likelihood of an infected machine gaining access to your corporate network, particularly if you allow unfettered access via VPNs.
Segmentation is Key
If COVID has taught us anything, it’s that keeping sick people or potentially sick people away from healthy people is key to stopping the spread of disease. Network segmentation helps safeguard the most critical areas of your network by limiting who has access to sensitive information and implementing additional security protocols around high-security areas. All personally identifying information (such as financial records and HR files) and critical areas of the network (such as the servers) should be subject to additional security measures, and access should be limited to a handful of authorized individuals.
Quarantine Compromised Machines
To help safeguard your network, Ruckus’ Cloudpath automatically quarantines infected machines as well as machines that don’t comply with minimum security requirements (such as having the latest version of an operating system or most recent security patches installed). This helps ensure that no compromised or potentially compromised machines are able to access sensitive files.
The Dangers of Bring Your Own Device (BYOD)
BYOD policies have become more commonplace over the years. Though this approach may be tempting from a budgetary perspective, allowing employees to access your network via their own devices often leaves your network vulnerable. When employees use their own devices, the company is not able to control or configure these endpoints securely, leaving them vulnerable to infections.
The wave of work-from-home initiatives has made BYOD even more common, further increasing network vulnerability at a time when many organizations continue to struggle to secure their newly defined network perimeter. The ongoing health crisis has also left many workers feeling exhausted and distracted, potentially compromising end-user education in a time when it is more critical than ever.
How Can Mirazon Help?
Not everyone is a cyber security expert, but that is okay. The friendly team at Mirazon is always here to help by answering your cyber security questions and offering sound, practical advice. We offer a wide selection of managed network services and networking and Wi-Fi services to meet your needs.
All of our managed services offerings take a holistic approach to security and functionality. We layer a variety of different security measures and tools (including firewalls, antivirus software, and monitoring) to detect and block malicious actors and activities before they reach your network’s internal systems.
To help give your team the cyber security skills they need, we also offer end-user training. This training empowers your team to recognize potential attacks and ensures employees know the process for reporting suspicious activity. We can also work with your internal IT team to help them create cyber security policies and internal reporting portals so all team members can quickly and easily report security events.
Our team has been on the cutting edge of the battle against cyber security threats for years, and we have experience working with organizations of all sizes in a wide variety of industries. Our time in the trenches has given us the skills and knowledge we need to evaluate the efficacy of cyber security tools and create policies that can help minimize or even prevent cyberattacks.
Why Has Mirazon Partnered with CommScope?
Mirazon has been working with Ruckus for years, and our relationship actually pre-dates their acquisition by CommScope. Both CommScope and Ruckus share our customer-focused approach to business and unwavering commitment to high-quality, affordable products. Ruckus’ Cloudpath is an excellent product that is both comprehensive and easy to use. It makes safeguarding your constantly changing network easier than ever. With self-service access to Wi-Fi networks, you can also help ensure all devices on your network comply with your cyber security policies with minimal burden on your help desk for provisioning or password resets.
For more information about the importance of cyber security in the remote work era, or to find out what steps you can take to improve your organization’s security posture, please contact our team today.