Verizon
Partner Content
Verizon
This content was paid for by Verizon and produced in partnership with the Financial Times Commercial department.

The security challenges of hybrid working

As the business community considers what a post-Covid world may look like, a split model that divides time between the home and the office could offer an ideal working solution for companies and their employees. However, homeworking brings with it vulnerabilities that must be addressed if the transition is to be made securely.

One of the side effects of the Covid-19 pandemic has been to draw a line under the debate about homeworking. In April 2020, the number of remote workers increased to 46 per cent of the population, according to the Office for National Statistics

Staff and management have responded admirably but there is no doubt there are serious challenges if a home-office hybrid is to become the norm, not least where security is concerned.

The 2020 Verizon Business Data Breach Investigations Report (DBIR) highlights a significant scaling up of cyber threats across the board with credential theft and social attacks such as phishing and business email compromises the cause of over 67 per cent of all breaches. Web application breaches doubled, accounting for 43 per cent of all breaches.

While these findings are alarming, Alistair Neil, Director for Security, EMEA and APAC at Verizon Business, says there are plenty of options available to businesses to secure critical assets for remote workers.

“There’s a whole spectrum of solutions already available and they are evolving all the time,” he says. “Organisations need to understand the risks, put the right controls in place and apply them to a distributed workforce because the ability of a business to work remotely is paramount.”

Beyond the castle walls

Organisations must cope with the fact that staff need to access and communicate data beyond the periphery of the usual security firewalls. The traditional ‘castle and moat’ approach employed in the office is no longer applicable in these circumstances, so it’s imperative that all ingress and egress points are identified and secured in newly expanded networks.

From now on, cybersecurity will increasingly have to reside as much with the individual as the environment. The DBIR report identified that 22 per cent of all breaches were caused by human error and ignorance. 

“Things are often done for ease and speed,” says Neil, “People post things to unsanctioned storage servers and cloud storage accounts, or email corporate information to home accounts to print out on the wireless printer.” 

 

This digital acceleration needs to be accompanied by a corresponding security transformation

 

“Within any organisation the obligation is upon employers to educate and support staff, to expand help desk support and to drive a culture where it’s OK to put your hand up and say you don’t understand how something works or that you have concerns.”

It’s going to be more difficult to keep tabs on staff behaviour remotely so it’s clear that employees must meet the challenge of their new role as the first line of defence and that employers must enable this.

Investing in the right technology

Another important security consideration is that many remote workers are likely to be accessing company servers or cloud accounts over public networks offering restricted bandwidth via home routers with exposed modem control interfaces. This interlacing of activity creates numerous opportunities for hostile actors. The widespread use of domestic IoT devices such as printers, cameras and TVs using default settings creates further vulnerabilities.

“It’s not possible to address every single employee’s broadband and home router setup but nor should it be necessary,” explains Neil. “A VPN offers the ability to encrypt and secure traffic between any device and a VPN server. If you’re using a properly configured VPN those issues shouldn’t arise. 

“Speed and capacity can be an issue if VPNs aren’t upgraded in which case some applications might be removed, and bandwidth increased. Companies should consider purchasing work-from-home hardware for employees, but if staff do you use their own devices it’s necessary to ensure all security and software updates are carried out regularly.”

 

With a distributed workforce a breach may not become apparent as rapidly as it would internally

 

Neil also advises IT departments to scale up their monitoring activities and employ the next generation of security software.

“It’s important to run penetration testing on the servers, do policy analyses and check to see if things can be broken easily. Endpoint protection and endpoint detection are crucial and makes it possible to isolate a device rapidly if it becomes toxic with malware so it cannot propagate in an entire system. Incident response procedures should be updated to reflect remote working.”

“But the job is becoming easier. Protection is evolving rapidly and will make remote working a safer prospect. This includes things like software defined perimeters where customers’ applications are hidden. This falls under the zero-trust model. In addition a robust Identity management plan including using privileged access management tools.”

 

Sometimes, however, the worst does happen, as we saw when the WannaCry cryptoworm that spread like wildfire in 2017 infecting computers with ransomware. In a situation like that the ability to recover data is vital. 

“The ability to recover critical information is the fifth and perhaps most important of the National Institute for Standards and Technology’s five cybersecurity functions,” says Neil. “It’s vital that every organisation has a solid back-up strategy to secure data should it not be retrievable.”

Remote working has proven it can be productive and offers organisations new opportunities in areas such as recruitment and cost savings. However, to function long term, they need to carry out a systemic audit and invest where necessary to reap the benefits working from home offers.

For more information on the threat landscape and to download a copy of the Data Breach Investigations Report