Work from home cybersecurity explained: should your business have a WFH policy?

August 20, 2020  |  Mary Blackowiak

Global organizations are sharpening their strategies that enable their employees to work from virtually any location at any time. But working in different types of remote settings brings with it the potential for significant cybersecurity threats that must be anticipated, defended against, and quickly remediated.

Working outside the traditional office setting has accelerated during the past decade. Organizations have stepped up their network transformation efforts to align with such trends as telecommuting, working while traveling, and the rapid adoption of web-based applications. But now, these “work outside the office” trends have moved into hyperdrive.

Businesses are under intensified pressure to develop new, efficient, flexible, and safer ways for employees to work from virtually anywhere.

But with the growing trend toward remote work comes a looming challenge: Organizations are struggling to offer their employees, customers, and partners highly secure access to vital applications and essential data.

Work from home security challenges

Along with remote access challenges, another major problem is becoming increasingly clear. Although malware, phishing, social engineering, and ransomware are all well-known threats, new campaigns are becoming more targeted and are expanding to include attacks on many types of devices.

To add to the complexity, most devices, whether corporate-issued or personally owned, are being used off network, which often means a loss of visibility and control,
and subsequently an increased risk for breach. When corporate assets, networks applications, and cloud services are being accessed by under-secured or unmanaged endpoints, the cybersecurity threat vector created by the work-from-home phenomenon broadens.

The trend toward remote work that began in earnest during a time when ample network bandwidth, inexpensive endpoint computing devices, and highly functional remote access tools became commonplace is likely to accelerate. It is also probable that cybersecurity threats that target applications, devices, and networks will surge in remote access settings. Without new strategies and tools, organizations are likely to fall victim to a higher number of cybersecurity breaches, which could take longer to detect and be costlier and more complex to recover from.

Understanding WFH cybersecurity risks for remote workers

Over the years, IT organizations have put in place tools to help employees and other members of the virtual enterprise work remotely. The number of people working remotely has steadily increased, as has the total amount of work produced outside the traditional office setting. As a result, many virtual private networks (VPNs)—which were never designed to support so many simultaneous users—is straining under the surging demand.

Another consideration is that the VPN was deployed with the expectation that employees and other remote users would likely be using corporate-issued devices and software, all with the proper and most recent security settings and privileges. Clearly, that no longer is the case, nor is it likely to be so in the future. At the same time, Security Operations Center (SOC) staff is overwhelmed, trying to triage substantially more alerts each day with an often-overworked staff and a tight budget.

The pressure on SOC analysts and their cybersecurity tools is caused by the rapid expansion in the number and complexity of threats to remote users. These include everything from mobile malware and email-based phishing to ransomware, identity theft, and machine-learning-based hacking algorithms.

Then, add in a stark reality: Many, many end users fail to practice good cybersecurity “hygiene” on everything from passwords to social engineering, particularly without the watchful gaze of on-site IT and security professionals to help and “encourage” those remote workers.

Secure remote access challenges

With far more employees attempting to utilize applications, data, and services over a VPN using a public internet connection, organizations are coming to a realization of the mounting challenges and problems in providing highly secure access.

VPNs are clearly straining under the weight of additional users sending more rich media and unstructured data over the network. This creates massive performance bottlenecks and expanding security threats with more (often unsecured) endpoint devices demanding instantaneous access to do their jobs.

There are many reasons why overloaded VPNs may be compromised, but sometimes the solution can be as simple as increasing the capacity of the VPN concentrator or adding more or higher-bandwidth network circuits. However, one drawback to traditional VPNs is that they usually provide access to an entire network segment, which increases security risk. Network segmentation helps mitigate these risks, but most legacy VPNs often lack segmentation functionality, thus exposing wider swaths of physical and virtual networks to increased vulnerabilities during remote access sessions. For these reasons, some businesses are considering alternative cloud-based remote access solutions to provide more granular control and scalability.

Establishing a work from home security policy

Against this backdrop of increased cyber-risk in a new era of remote access and new work arrangements, organizations have to come up with new policies, processes, and technical solutions to support this new breed of mobile-centric workforce.

In order to provide highly secure, frictionless remote access, organizations have to rethink their tactics at all points in the IT ecosystem—data centers, departmental systems, edge computing, and cloud gateways.

Overcoming the numerous new and intensified threat vectors requires organizations to think and act upon the following security issues:

  • Identity management

  • Permissions and privileges

  • Policy management

  • Bring-your-own policies for devices, applications, and cloud services

  • Cybersecurity training to help users practice smart security when working remotely and accessing applications and data, while also educating them on how to avoid the traps bad actors will set for them in order to gain access

What to look for in a work from home security solution

Working remotely is fast becoming the “new normal” for employees and their organizations. The flexibility for many employees and organizations has become far too compelling to go back to a headquarters-based model.

Providing for secure application access for onsite and virtual workforces is essential for organizations, especially with remote workers often using under-protected or even unsecured endpoints and network connections. That means that organizations need to make smart, strategic decisions on the tools and services they use to bolster cybersecurity readiness.

Regardless of industry, geography, or number of employees, organizations must look for remote access tools that unify their visibility and protection. It is also crucial that organizations look at these and other cybersecurity tools holistically, rather than as individual point products, in order to help prevent security remote access gaps and to promote efficient deployment and management.

In order to deliver and scale highly secure access for employees, contractors, and partners that access data, applications, and services remotely, organizations need to take a comprehensive view of security. Specifically, it’s important to invest in solutions that are designed to integrate with each other from the start, rather than acting as another point product that is “bolted on” after the fact.

To learn how AT&T Cybersecurity supports remote work, check out our remote workforce security solutions.


Share this with others