We have had plenty of time to grow comfortable in the work-from-home era. We’ve realized the many benefits and creature comforts of the home office. I have revamped my own space over time to include an Insight-branded look, complete with our company logo on a fuchsia wall to create a sense of a designated workplace separate from my personal, home life. You can say I’m right at home working from home.
But so are the bad actors, who have been slipping in the new front door of corporate houses – the hundreds, if not thousands, of employee devices that have become the new cybersecurity perimeter – at alarming rates. A recent cybersecurity report by Deep Instinct indicates malware activity increased by 358 per cent and ransomware grew by 435 per cent in 2020.
Companies are trying to combat this, but in the new perimeter-less age, keeping your place safe from unwanted visitors isn’t as straightforward as before. A 2021 IDG Research Services survey commissioned by Insight found that 96 per cent of IT decision-makers increased cybersecurity spending in 2020 as remote work drastically expanded. Yet 78 per cent still aren’t confident in their organization’s ability to keep critical data away from hackers. This year, 91 per cent said their IT security budgets have increased again.
With the pandemic accelerating the concept of the “everywhere enterprise,” now defined by most companies as those hundreds or thousands of new (end)points of attack, the cybersecurity stakes have never been higher.
At home, personal devices and networks are more vulnerable and often lack the increased security protection of a corporate environment. Additionally, the rapid shift to new cloud services has increased the risk of configuration errors, which are considered the top threat to cloud security.
Whether your organization is going back to the office, continuing to stay remote, or planning some mix of both post-pandemic, every organization should enlist these six defensive measures to help IT teams minimize the risk of cyberattacks:
-
Assess your risks
Assessing an organization’s security risk is the crucial first step of an effective security strategy. This practice can be performed either internally or with the help of an external security partner that brings an unbiased perspective along with the knowledge of lessons learned in working with a multitude of other companies shoring up similar vulnerabilities.
While no two-risk assessments look alike, a thorough security maintenance check spans hardware, applications, network connections, user authentication systems, data classification and storage, and other IT components and policies. Questions that should be asked cover:
- Where does your data live?
- Who owns it?
- What is the classification level, and can you verify its confidentiality, integrity and availability?
- Do users know how to handle it?
- Has your security operations encompassed all of your workloads, in both public and private clouds?
Clarifying this will identify your assets, detect vulnerabilities and threats, and calculate the cost to fix the higher prioritized items on the list — not unlike prioritizing home improvements, where a leaky roof takes precedent over a kitchen appliance upgrade.
-
Restructure your network
Corporate networks generally operate on an open floor plan in which workers can access what they need without going through different doors (i.e., routers or firewalls). In today’s distributed environments, organizations are now searching for a more segmented form of protection that simplifies network architecture management and upkeep yet significantly bolsters security. This essentially establishes a series of locked rooms, in which the keys are user permissions and other control measures that radically reduce exposure risks.
Modern security platforms by key providers like Microsoft, Cisco, Palo Alto Networks, etc., also are fully integrated with security components that help consolidate the wide array of technology that it takes to secure an enterprise and mature your security operations.
-
Manage the new perimeter: identities
Securing data for dispersed, anywhere operations calls for establishing identities for everyone who needs to access your data. Identity management is the new security perimeter and a discipline that companies still struggle to get under grips. It involves setting up an account and creating a means for that account to authenticate to the systems that hold the data, according to permissions based on employee personas.
Ensure that people only have the access they need to relevant systems and data. This can come from being a member of a group or from being given explicit rights to do or access something. Just as important as granting access is consistently reviewing access directories and removing users as roles change.
-
Adapt your password strategy
Usernames and passwords have been known to be one of the greatest vulnerabilities for data breaches. Microsoft has stated that multi-factor authentication can block 99.9 per cent of account-compromise attacks.
The increase in cloud services both before and during the pandemic has further diminished the value of usernames and passwords by taking away the protection of a secure, reliable corporate network in authenticating users. Requiring more than one form of verification to prove a user’s identity – whether a fingerprint, PIN, security token or any number of options – should be standard for any organization working today in a virtual desktop environment.
-
Train employees on changes
Your employees have become your first line of defence against a cyberattack. Adhering to security best practices are difficult enough in-person at the office. Working remotely is an entirely different beast, and the longer we work from home, the greater the chance for complacency.
Security awareness programs can keep the workforce on its toes. Our information security team, for example, periodically sends fake phishing emails intended to educate employees about commonly used techniques to bait someone into clicking something they shouldn’t. Further training and team communications on how to report incidents and best practices to avoid hacking, identity theft and data breach can all be an important defence against threats.
-
Assess and test
The pandemic was a stark reminder that disaster can strike at any time and from unexpected places. That’s just as true for a cyberattack, meaning you need to be prepared for anything and have the confidence that your security network is capable of handling anything.
Being prepared ahead of time means regularly reviewing your cybersecurity response plan, performing tabletop exercises, and using penetration testing to expose gaps in your perimeter. My company uses internal “red teams” to, in military terms, play the role of adversary in search of vulnerabilities. Our tabletop exercises unite key IT, information security, business and communications leaders to talk through procedures, roles and specific incident response.
Today, keeping our proverbial house in order means ensuring all of our entry points are safe and secure. Whether your workforce returns to the office soon or continues to work remotely. Having the flexibility to operate from anywhere will continue to be one of the silver linings resulting from the past year’s massive disruptions.
The concepts above are fundamental, yet the reality is an average organization maintains many layers of responsibility across multiple systems that store, process or transport data. Complete visibility ultimately means making a significant investment in your people, security processes and technology. It also takes executive commitment to mature security to levels that meaningfully minimize risks while allowing your company to grow digitally to meet changing customer expectations while allowing your employees to stay productive from anywhere.