Maksim Kabakou - Fotolia
Beyond the office walls: Safeguarding remote workers from attack
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward?
As we all know, the flexibility and convenience to work from anywhere has been welcomed by us over the past few years. But with this greater adoption of remote working comes an inevitable change in the risks that us as both individuals and employees face. In an office environment it is fair to assume that you can trust your colleagues, work devices and IT systems, however, once you step outside of that environment and work from home or in a coffee shop the risk level can change dramatically.
While security professionals can never completely guarantee that employees would not fall victim to cyber threats inside the walls of an office, the tools and best practices for end user cyber security are continuing to evolve as more and more of us work remotely. What it essentially comes down to is how can we best secure the environment around your laptop including yourself!
As safe as houses
Wi-Fi networks in public environments can pose a significant threat. Compared to corporate networks, public Wi-Fi setups may lack robust security configurations, making them susceptible to various cyber attacks. Threat actors may exploit vulnerabilities in routers or execute man-in-the-middle attacks to intercept sensitive data transmitted over these networks. A lot of these issues are mitigated using simple corporate tools such as virtual private networks (VPNs), but we must still be aware.
If we are using our home Wi-Fi network, securing them through the use of strong, unique passwords, regular firmware updates, and, where feasible, VPNs to encrypt data traffic.
The use of personal devices for work purposes, known as bring your own device (BYOD), also amplifies the risks to you. Using your own laptop for work purposes may lack the stringent security measures typically enforced on company devices. This raises concerns about malware infections, unauthorised access, and potential data breaches. Endpoint security, patching of software including device encryption to name a few, all become imperative to mitigate these risks and maintain a baseline of protection across devices used at home.
One striking example from 2023 is the case of a threat actor who compromised a LastPass software engineer's local home network while they were working from home. The engineer used their home network to access a local video service which was out of date and allowed a backdoor for the adversary. This resulted in the theft of backups and some of the company's internal system secrets.
Fighting back against phishing
Phishing attacks continue to rise not just in number but also in their level of sophistication. Both office based and remote workers are encountering an increased volume of malicious emails attempting to trick individuals into divulging sensitive information or unwittingly installing malware. This underscores the importance of robust email security measures and continuous user education.
Most organisations offer hybrid work models and the move to home as a result of the pandemic has already put some safeguards and training in place. However, security breaches can occur as a result of human error, so while it may sound obvious, following company security guidelines is one of the best ways of keeping security risks to a minimum.
Having said that, it is also the responsibility of the company to ensure that their security guidelines and controls are kept up-to-date as the threat landscape evolves and that employees remain aware and alert. While general awareness about security risks posed by external threat actors and cyber crime is improving, topics such as phishing awareness, password management, and secure data handling will always be important as threat actors continue to find novel ways of exploiting vulnerabilities.
Zero-trust architecture
Zero-trust architecture is a cyber security approach that assumes no implicit trust, even among internal users or systems. Traditionally, security models operated on the assumption that once someone was inside the corporate network, users were trusted with broad access without constant re-verification.
However, with the increasing complexity of modern IT environments and the rise of remote work, employees may access corporate resources from various locations and devices which makes it necessary to regularly ensure users are who they say they are, you have robust access control and secure communication.
Zero-trust architectures are a really important step forward. For example, we have seen the widespread adoption of multifactor authentication (MFA) in recent years. This is where users must authenticate themselves through multiple factors, alongside passwords, biometrics, smart cards, or one-time codes, to access systems. It also provides a robust foundation to increase the cyber resilience of applications and services.
Good cyber hygiene
As employees embrace the flexibility of working from anywhere, the security focus must extend to the home environment, where the familiar office walls and trusted IT systems are replaced by potentially less secure personal setups. Basic cyber hygiene is a must, ensuring employees follow company security guidelines and keep on top of software updates should be the norm. Going forwards, we are likely to see the same types of security risks occurring again and again, but the tactics and levels of sophistication employed will inevitably get better. It’s therefore on us as cyber security experts to keep up and ensure the best levels of protection for our end user.
The CW Security Think Tank on remote working
- Michael Healey, Turnkey Consulting: Zero-trust principles: Your gateway to securing remote workers.
- Scott Burman, Quorum Cyber: Evolving best practice: What next for securing remote work?
- Rowland Johnson, Crest: Testing to improve remote worker security.
- Tim Holman, 2-sec: Anytime, anywhere access is achievable.
- Simon Blackwell, ISACA: Considerations for the security of evolving workspaces.
- Olivia Rofe, PA Consulting: Four steps to secure remote workers.
- Lionel Garacotche, Airbus Protect: Cyber and remote working: how Covid moved the cursor.
