Tips for Securing Your Remote Workforce
The trend toward working remotely has been increasing for the past 20 years. Covid-19, the emergence of 5G, the transition to the cloud, and new technological capabilities for the remote worker has turned the trend parabolic. Over 5 million employees worked exclusively from a home office last year according to Flexjobs.com; a 91% increase over the past 5 years. Covid-19 has driven that number higher substantially over just the past several weeks. A CNBC survey conducted just last week found the following:
More than one-third of senior technology executives surveyed by CNBC say that cybersecurity risks have increased as a majority of their employees are now working from home.
About 85% of companies surveyed say at least 50% of their employees are now remote.
More than one-third (36%) of executives on the CNBC Technology Executive Council say that cyberthreats have increased as a majority of their employees work from home.
Finally, in a Chicago Tribune article, Philippe Weiss of Seyfarth Shaw at Work, the workplace training subsidiary of the renowned global law firm Seyfarth Shaw, wrote: “I think this is a watershed moment in terms of wider acceptance and implementation of work-from-home.” Weiss continued: “Employees that have tasted the benefits of more freedom and autonomy are going to be hard-pressed to let it go.”
This is a “Watershed Moment” in Remote Work and Unlikely to Reverse
Businesses ranging from tech giants to startups have been forced to close offices globally to stop the spread of Covid-19 in order to keep operations moving. Microsoft, Google, Facebook, and Apple have all urged employees to work from home. Other tech firms, including Cisco, are offering their collaboration tools for free as companies around the world quickly implement work-from-home policies as conferences are canceled. Now that the curve of the trend has steepened toward remote working, the likelihood is high that it will not be reversed.
Finally, according to Cisco Systems, WebEx meeting traffic connecting Chinese users to global workplaces has increased by a factor of 22 since the outbreak began. Traffic in other countries is up 400% or more and specialist video conferencing businesses have seen a near doubling in share value when the rest of the market is shrinking.
The Cybersecurity Challenge for Organizations with Remote Workers
While the benefits of working from home are countless in terms of productivity, time with family, and reduced stress, cybercriminals have increased the number, sophistication, and damage of their attacks on remote employees. The reason remote employees offer cybercriminals such an appealing target is the size of their attack surface. Software vulnerabilities from unpatched software, an open RDP port, and unsecured ports represent 90% or more of all attacks against remote workers. Stunningly, according to last year’s 2019 Global Endpoint Security Trends Report, “42 percent of all endpoints are unprotected at any given time!”
Sixty-six percent of all cyberattacks begin at the endpoint and with enterprises having little control over what software their remote workers are running. Further, IT security teams have limited tools for checking the software and addressing any vulnerabilities. The phishing attacks that we are seeing today will become more sophisticated types of attacks.
Understanding the Remote Worker’s Attack Surface
Cybercriminals are constantly looking for a vulnerability in order to start an attack. Vulnerabilities can be found in software that hasn’t been patched with the latest updates from a software manufacturer like Microsoft, they can be found in unsecured RDP services, poor antivirus solutions, and mobile phones and tablets.
IT Security Experts Believe Cyber Attacks Will Increase 30%-40% Imminently
Essentially, the more technology a remote employee has connected to the corporate network, the larger their attack surface. In addition, in many respects, the further they are away from the perimeter of the network and the security controls that are part of the organization’s processes, the more gaps they will leave for attackers. This increases their attack surface and is the reason why IT security experts believe attacks will increase 30%-40% over the next several months.
Reliance on email communications will increase significantly with the transition to remote work, however, email security has remained unchanged for 30 years. Many smaller businesses are still likely to be using outdated Simple Mail Transfer Protocol (SMTP) when sending or receiving email. Thus, the default state of all email services is unencrypted, unsecured, and open to attack — putting crucial information at risk.
Protect Your Employees and Corporate Network Simply and Easily
Lodestone’s experience investigating countless cyber-attacks and handling their post-mortem analysis has provided their consultants with the opportunity to create a packaged consultation that includes the critical services needed to secure your remote employees. These services are selected to create the most cost-effective service to secure your remote workers. The gaps being closed by the assessment will significantly diminish an attacker’s ability to move from a remote employee’s system to your network. As we all know a successful attack can cost organizations millions of dollars in lost revenue, brand damage, and with CCPA and GDPR now in full force, fines.
Introducing the Remote Workforce Cybersecurity Assessment
The Remote Workforce Cybersecurity Assessment Package Includes:
• Advanced scans to uncover known vulnerabilities across the external attack surface
• Securing remote desktop services
• Securing ports and ensuring safe VPN access to the corporate network
• Virtual CISO advice and consultation to reduce and protect attack surface
• All-inclusive Package Pricing
Lodestone offers two types of pricing based on the size of your environment. They are the following:
• $2,500 for up to 30 IP addresses
• Custom and Discounted pricing for over 30 IP addresses
We at Lodestone look forward to keeping you, your customers, and your employees safe from cybercriminals. Please contact us at your convenience:
Phone: (203) 307-4984