
Securing Remote Workers

Threat Intelligence • Nov 24, 2023

Remote work. Working-from-home. Teleworking. Whatever you call it – in our post-pandemic world, it is now the new normal. Nearly half (46%) of all Australian employees now work from home to some extent.


However, whilst remote working offers significant convenience, it can also present a range of security challenges for organisations. You may have spent years developing, maintaining and refining rigorous security controls. Without proper planning and oversight, all those security controls can fly out the window as staff work remotely using a range of devices, all whilst accessing your corporate network. Your remote working staff may be inadvertently putting your entire organisation at serious risk of a cyber-attack.


 
In this blog we will explore the 3 key considerations when staff work remotely: 
 

  • Secure hardware
  • Secure software
  • Secure connectivity

 
With the right remote working controls in place, it is possible to balance convenience with your organisation’s need for security.

Secure Hardware

It’s one thing to ensure all desktop computers are secure when your staff are working from the office every day. IT teams have a high degree of control over all the hardware in the office and can easily maintain control over devices.




However, with staff working remotely, maintaining that level of control is a significant challenge. Ideally, every organisation should insist on providing their staff with a dedicated laptop and/or mobile device that must be used for all work-related purposes. Supplying staff with dedicated work devices makes maintaining control over device configurations and settings a much easier task for your IT team. With the right device configurations, it is easier to ensure correct access controls are in place, systems are regularly updated, and vulnerabilities are rapidly patched. 


Unfortunately, the reality is that often organisations do not provide all their staff with work devices. Increasingly, organisations are allowing staff to use their own private devices, a practice known as Bring-Your-Own-Device or BYOD. As an organisation, you need to ensure that your IT team maintains some level of control over personal devices that are used for work purposes. One option is for your IT team to install Mobile Device Management (MDM) technology. This can help separate corporate data from staff members’ personal information. MDM is a useful tool that can allow your IT team to maintain remote visibility and control over your organisation's corporate data on the device. However, MDM is not without its challenges. Installing MDM on all the myriad devices that your staff may be using can present your IT team with a range of logistical challenges. Another option for managing BYOD is the use of cloud-based end-point protection tools. These allow your IT team to manage the security and privacy controls on all the devices used by your staff for work, whether the devices are owned by your organisation or by an individual employee.


Whether your staff use devices supplied by the organisation or their own personal devices, make sure you have Full Disk Encryption implemented. This encrypts the entire hard drive of the device and applies to all files, data, software and operating systems.


In summary, implement the following strategies to secure hardware:


Hardware Encryption and Secure Boot

  • Hardware Encryption: Encode the entire device content, making it unreadable without the decryption key.
  • Secure Boot: Allow only trusted and verified software during the device startup process, preventing unauthorized access and vulnerabilities.

Zero Trust Architecture

  • Treat every user and device as untrusted.
  • Require continuous authentication and authorization to minimize unauthorized access and potential security breaches.


Endpoint Protection

  • Implement robust Endpoint Protection for securing hardware. Antivirus, anti-malware and firewall software help prevent threats like viruses, ransomware and data breaches.
  • Use specialized security tools to safeguard individual devices like laptops and mobile devices.
  • Defend against various cyber threats for a stronger security posture in remote working environments.

Secure Software

Weak application security is the most common cause of cyber breaches. Vulnerabilities found in common applications, such as email, web browsers, instant messaging tools or other widely used work-related software, are routinely exploited by hackers. With staff working remotely, every organisation should be taking steps to harden its systems. This means that any functionality that is not absolutely necessary for your staff to do their jobs should be disabled. Disabling unnecessary capabilities or functionality in applications reduces the attack surface that is available to cyber-criminals.


Organisations should also ensure their staff receive comprehensive cyber awareness training and clearly articulated security policies. For example, staff should be aware of the risks inherent in clicking links or opening attachments in emails, along with training in ways to identify potentially malicious activity.
Likewise, staff should understand the risks associated with “shadow IT.” Many organisations implement policies prohibiting the installation of any applications that have not been approved by the IT department, as such software may expose the organisation to malicious actors.


One of the most important application security considerations is regular patching. Ensure all your staff understand the importance of running software updates as soon as any of your software vendors release them. This applies to Operating System updates, as well as other types of software, including:
 

  • Web browsers;
  • Email clients;
  • Instant messaging tools;
  • Other work-related software (document viewers, word processors, spreadsheet tools, etc.);
  • Antivirus software;
  • Firewalls.

 
Many applications will run updates automatically. Your remote working staff must ensure automatic updates are enabled. This will allow applications to automatically check for updates at least weekly, or preferably daily in the case of antivirus software and other security software. For any software that does not automatically update, staff should be trained to manually check for updates and run any that need executing each week. This can usually be done through the application’s menu, or by visiting the software vendor’s website and running any available updates.
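The weekly and daily update cadence described above, combined with the Full Disk Encryption and Secure Boot requirements from the hardware section, can be enforced as a device posture check before a remote device is granted access. The following is an added example, not code from Threat Intelligence; the report schema, field names and device names are hypothetical, and the sample reports are constructed.

```python
from datetime import datetime, timedelta, timezone

# Limits from the article: check for updates at least weekly, and daily for
# antivirus and other security software (the firewall is counted as such here).
MAX_AGE = {
    "os": timedelta(days=7),
    "browser": timedelta(days=7),
    "email_client": timedelta(days=7),
    "antivirus": timedelta(days=1),
    "firewall": timedelta(days=1),
}

def evaluate_posture(report, now):
    """Return (compliant, findings) for one device posture report."""
    findings = []
    for control in ("full_disk_encryption", "secure_boot"):
        if report.get(control) is not True:
            findings.append(f"{control} is not enabled")
    checks = report.get("last_update_check", {})
    for component, limit in MAX_AGE.items():
        stamp = checks.get(component)
        if stamp is None:
            # Missing telemetry fails closed instead of counting as a pass.
            findings.append(f"{component}: no update check recorded")
            continue
        age = now - datetime.fromisoformat(stamp)  # timestamps must carry a UTC offset
        if age < timedelta(0):
            findings.append(f"{component}: timestamp is in the future")
        elif age > limit:
            findings.append(f"{component}: last checked {age.days} days ago, limit {limit.days}")
    return (not findings, findings)

# Constructed sample reports in a hypothetical schema (not any MDM product's format).
NOW = datetime(2023, 11, 24, 9, 0, tzinfo=timezone.utc)
RECENT = "2023-11-23T22:00:00+00:00"
MANAGED = {"device": "corp-laptop-01", "full_disk_encryption": True, "secure_boot": True,
           "last_update_check": dict.fromkeys(MAX_AGE, RECENT)}
BYOD = {"device": "byod-laptop-07", "full_disk_encryption": False, "secure_boot": True,
        "last_update_check": {"os": "2023-11-10T08:00:00+00:00", "browser": RECENT,
                              "antivirus": "2023-11-21T08:00:00+00:00", "firewall": RECENT}}

if __name__ == "__main__":
    for report in (MANAGED, BYOD):
        ok, findings = evaluate_posture(report, NOW)
        print(report["device"], "COMPLIANT" if ok else "NON-COMPLIANT")
        for finding in findings:
            print("  -", finding)
```

Treating a missing update record as a failure matters for BYOD devices, where an agent that stops reporting would otherwise look the same as a healthy device.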


In summary, use the following strategies to secure software:


Patch Management


  • Ensure software protection through effective patch management;
  • Regularly update operating systems, browsers, plugins, and other software with the latest security patches;
  • Address vulnerabilities promptly to prevent cybercriminal exploitation.

Secure Configuration


  • Maintain a secure configuration for all company devices;
  • Disable unused features and accounts;
  • Implement complex passwords and enable two-factor authentication to enhance access security.


Application Security


  • Prioritize application security for remote work devices.
  • Approve and install only trusted software from verified sources.
  • Exercise caution with phishing emails containing malicious attachments or links, a common attack vector.

Secure Connectivity

How your staff connect to the internet and your corporate network is critically important when they are remote working. When it comes to accessing the internet, in most cases staff will either connect to a residential network (either wired or wireless) or an external network, for example in a coffee shop or public library. Both residential and external internet connections present challenges. When it comes to residential networks, these often have fewer in-built security features than their enterprise equivalents. The first thing to remember is that multiple devices are often connected to the same residential network. If a device belonging to an employee’s family member gets infected with malware, this could spread to other devices connected to the same network. Staff need to be aware of these risks and be provided with training in the steps they can take to secure residential networks.


For starters, staff should ensure they change the default passwords on any modems or routers, so cyber-criminals cannot use them to gain access to their network. Residential router firmware should always be kept up to date and staff should ensure that WPA2 security is used. Furthermore, your staff need to ensure all data is encrypted whilst using a residential network. The risks associated with external networks may be even greater. External networks generally don’t offer much protection. Coffee shops or public libraries may not encrypt network communications, leaving staff exposed to eavesdropping. Before using any external networks, staff should ensure they are accessing the internet using a VPN (Virtual Private Network). Ensure your organisation provides VPN access to all staff. However, be aware that if the VPN isn't properly secure, it can also provide an opening for attackers. It is essential to verify the identity of VPN tunnel end-points, as using the wrong authentication method could open the way for an attacker.


Connecting to your organisation’s corporate network can also present a range of security challenges. Whether your organisation is using on-premises or cloud-based technologies, it's essential that remote staff retain the ability to perform all their usual work-related tasks. This includes communicating through email, accessing corporate data and utilising a range of work-related systems. Remember that remote working effectively expands your organisation's network into people's homes and public locations. This elevates your risk profile to a new level.


One option to address this risk is the use of virtual desktops which can be used to facilitate secure connections to your corporate network. Though beneficial, virtual desktops may also be vulnerable. If a remote worker uses a device that becomes infected with a worm, this could spread through a virtual desktop to your organisation's servers. There is no single answer to ensuring secure connectivity for remote staff. Rather, a multi-layered approach is essential. By implementing a range of these security controls, you will significantly mitigate the risk of a cyber-attack.


Implement the following strategies to secure connectivity:


Virtual Private Networks (VPNs)


  • Ensure secure connectivity with Virtual Private Networks (VPNs).
  • Encrypt internet traffic, providing a secure connection, especially on external networks.
  • Essential for protecting data in transit, especially when using public Wi-Fi in places like coffee shops.

Identity and Access Management (IAM)


  • Strengthen connectivity security with Identity and Access Management (IAM).
  • Manage and control user access to specific resources.
  • Minimize the risk of unauthorized access, enhancing overall security.

Threat Intelligence Integration


  • Bolster security measures through Threat Intelligence Integration.
  • Leverage real-time information on current cyber threats.
  • Proactively defend against emerging cybersecurity risks in the context of remote work.

How Can Threat Intelligence Help?

There are many factors to take into consideration when staff work remotely. For any organisation, maintaining ongoing visibility over staff devices, the applications in your environment and network traffic is essential. 


Engaging a trusted external Managed Security Services team can ensure you achieve the visibility you need. The Managed Security Services team at Threat Intelligence combines a highly skilled specialist security team with security automation to expand your security capabilities. We offer a complete and flexible suite of Managed Security Services that is ideal for busy organisations trying to manage the challenges of remote working staff. 


In addition to our 24/7 Evolve Security Operations Centre (SOC), we offer Evolve Managed Detection & Response Services. This combines our highly experienced security specialists with Evolve Security Automation capabilities to streamline security operations and ensure the highest quality results.
Contact Threat Intelligence today to learn how our Managed Security Services can ensure your organisation is ideally placed to address the challenges of remote working staff.
