By John Stevenson | Blog

With another lockdown fast approaching in England, and in many more countries across the world, there will be a significant increase in the number of individuals required to work from home (again!).

With recent reports of the volume of cyber-attacks increasing during the Covid-19 pandemic, we wanted to share some useful tips for securing homeworking and mitigating the risk of cyber-attack.

1. Authentication has to be two-factor

It’s essential to ensure that access to corporate resources and cloud services such as Office 365 is secured with two-factor authentication. As a matter of good practice, homeworkers should never type passwords routinely. Instead, passwords should be stored in the browser’s password manager or in a dedicated application, which only fills a credential into the site it was saved for, so they won’t be inadvertently typed into phishing sites.

The application responsible for the second factor in the two-factor process – the one that generates the one-time token – should run on a device physically separate from the homeworker’s workstation, for example their mobile phone. This has two benefits. If the workstation is subject to a software-based attack, the one-time tokens can’t be “stolen” along with the password. Equally, if the workstation itself is stolen, possession of the hardware alone doesn’t give the thief full access to corporate and/or cloud services.

2. Beware of “Bring Your Own Device” (BYOD)

BYOD is a risk at the best of times, but that risk is elevated to the very highest level during lockdown when the physical hardware could be accessed – however innocently – by children or other loved ones who are also locked down at home and for whom security isn’t a number one consideration.

Of course, homeworkers may be able to use their own PCs or phones to access line-of-business applications back on the corporate network, but not if they share them with family or if the devices have been jailbroken. If they do share them with family, one alternative is to give homeworkers virtual corporate desktops in the cloud. The homeworker uses their BYOD hardware only to reach the virtual desktop, over Remote Desktop Access secured with TLS, and from there uses the line-of-business applications they need.

This approach mitigates the risk that the BYOD hardware can contaminate the corporate data centre: the personal device only ever sees a screen session, never the corporate network directly. It removes the need for a large-scale VPN solution, scales as necessary, and there’s no expensive inventory of kit to maintain.

3. Cloud first

Ideally, homeworkers should be able to access their office productivity tools – particularly those for email and collaboration – in the cloud. This avoids them having to connect into the corporate data centre.

This still leaves the question of how best to protect core line-of-business systems from attack and compromise. Longer term, businesses should look to segregate their critical and sensitive data assets from the rest of the corporate network. This defence-in-depth approach ensures that the more valuable an asset is, the greater the level of protection afforded to it.

4. Detection isn’t enough

As attackers become ever more sophisticated and resourceful in their attacks, it’s time to look beyond regular detection-based anti-malware defences.

Most of the successful attacks carried out by cybercriminals use specially crafted malware concealed in everyday documents, images, applications and protocols. Because it is crafted for the occasion, this malware often won’t be spotted by detection-based anti-malware systems, which can only recognise what they have seen before.

Since the devices being used from home could well be compromised, look for solutions that protect against advanced malware without relying on detection, such as those that take a zero-trust, transformation-based approach to data: rather than trying to spot the malicious content in a file, they extract only the useful business information and rebuild a fresh file around it. The NCSC recommends this approach in its pattern for safely importing data, and industry analysts Gartner also recommend that organisations protect themselves by going beyond detection.
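To make the transformation idea concrete, here is an added illustration (not Deep Secure’s product code, and not from the NCSC pattern): a small PNG transformer that verifies the file, keeps only the decoded pixel values and writes a brand-new image, so that a text chunk and bytes appended after the end marker in a constructed sample never reach the output. It assumes 8-bit RGB, non-interlaced PNGs with unfiltered scanlines; anything else is rejected rather than passed through.

```python
import struct
import zlib
PNG_SIG = b"\x89PNG\r\n\x1a\n"

def _chunk(ctype: bytes, data: bytes) -> bytes:
    # PNG chunk layout: 4-byte length, 4-byte type, data, CRC32 over type+data
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", zlib.crc32(ctype + data))

def parse_chunks(blob: bytes):
    """Walk the chunk list up to IEND; return (chunks, any bytes found after IEND)."""
    if not blob.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos, chunks = len(PNG_SIG), []
    while pos + 12 <= len(blob):
        length, ctype = struct.unpack(">I4s", blob[pos:pos + 8])
        data, (crc,) = blob[pos + 8:pos + 8 + length], struct.unpack(">I", blob[pos + 8 + length:pos + 12 + length])
        if zlib.crc32(ctype + data) != crc:
            raise ValueError(f"bad CRC in chunk {ctype!r}")
        chunks.append((ctype, data))
        pos += 12 + length
        if ctype == b"IEND":
            break
    return chunks, blob[pos:]

def decode_pixels(blob: bytes):
    """Extract rows of (R, G, B) tuples; handles 8-bit RGB, non-interlaced, filter-0 scanlines only."""
    chunks, _ = parse_chunks(blob)
    w, h, *fmt = struct.unpack(">IIBBBBB", next(d for t, d in chunks if t == b"IHDR"))
    if fmt != [8, 2, 0, 0, 0]:
        raise ValueError("PNG variant not handled by this example")
    raw, stride = zlib.decompress(b"".join(d for t, d in chunks if t == b"IDAT")), 1 + 3 * w
    if len(raw) != h * stride or any(raw[y * stride] != 0 for y in range(h)):
        raise ValueError("pixel data does not match IHDR, or scanline filter not handled here")
    return [[tuple(raw[y * stride + 1 + 3 * x:y * stride + 4 + 3 * x]) for x in range(w)] for y in range(h)]

def encode_png(rows) -> bytes:
    """Build a brand-new PNG from pixel values alone: IHDR, one IDAT, IEND and nothing else."""
    h, w = len(rows), len(rows[0])
    raw = b"".join(b"\x00" + bytes(c for px in row for c in px) for row in rows)
    ihdr = struct.pack(">IIBBBBB", w, h, 8, 2, 0, 0, 0)
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(raw, 9)) + _chunk(b"IEND", b"")

def transform_png(blob: bytes) -> bytes:
    """Transformation rather than detection: keep only the picture, rebuild the file around it."""
    return encode_png(decode_pixels(blob))

# Constructed sample: a 2x2 image carrying an extra tEXt chunk plus bytes appended after IEND.
PIXELS = [[(255, 0, 0), (0, 255, 0)], [(0, 0, 255), (255, 255, 255)]]
def build_tainted_sample() -> bytes:
    body = encode_png(PIXELS)[:-12]  # drop the 12-byte IEND chunk so extra content can be inserted before it
    return body + _chunk(b"tEXt", b"Comment\x00constructed hidden payload") + _chunk(b"IEND", b"") + b"CONSTRUCTED-TRAILING-DATA"
```

Running `transform_png(build_tainted_sample())` yields a file whose only chunks are IHDR, IDAT and IEND, with the same pixels and none of the extra content; note that nothing in the code tries to decide whether that extra content was malicious.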

5. Educate homeworkers to the threat

Finally, educate homeworkers about the threat. In July 2020 Google reported that its systems were detecting 18 million malware and phishing messages a day through Gmail directly related to Covid-19, in addition to more than 240 million Covid-related spam messages a day. This number dwindled as restrictions were lifted through the summer but now looks set to return.

Educate homeworkers on the importance of not clicking on links in unsolicited emails, keeping a sharp eye out for “bogus boss” email fraud, and paying particular attention to attachments in emails sent to their personal webmail accounts, which sit outside the corporate email defences.

If you would like advice or support on how best to protect your organisation against the cybersecurity threats posed by homeworking during lockdown, contact Deep Secure and we’ll be happy to help.
