Last year, the world witnessed a historic shift in the job market due to the Covid-19 pandemic. The ability to work from home (WFH), considered a perk earlier, has now become the norm for most businesses. Now, it’s time to look at the threats that plague remote workers and workspaces.
When employees work from home, their reliance on personal computing and communication devices increase, data is transferred on private and public networks. The devices could be infected by virus or malware. Data connections, if not secure, might result in sensitive financial data being stolen or compromised. We list a few threats that an enterprise could encounter in a remote working environment.
DDoS attack or distributed denial-of-service attack occurs when a website gets overloaded with traffic that crashes the site. Too much traffic makes content unavailable to visitors. It’s propelled from a few PCs, and the number of PCs included can extend from only several of them to thousands, or significantly more.
Spam and phishing are other relatively less destructive attacks, although the financial implications can be catastrophic.
A Mimecast survey reveals that nearly 61 per cent of enterprises were impacted by ransomware in 2020. The report is based on a global survey of 1,225 information technology and cybersecurity leaders. An overwhelming 79 per cent of the survey respondents agreed that their enterprises suffered disruption, financial loss, or other setbacks last year due to the lack of cyber preparedness. A majority of them identified ransomware as the reason for the loss their business faced.
Here are a few facts about ransomware and how it affected businesses as per the Mimecast report:
- 2020 witnessed a 20 per cent increase in the number of ransomware attacks faced by firms.
- Most enterprises affected by ransomware had to halt their operations for a week due to the attacks. More significant attacks paralysed operations for almost three weeks for few enterprises.
- Fifty-two per cent of ransomware victims agreed to pay threat actors’ demands. Only 66 per cent of ransomware victims agreed to have received complete or partial data after paying a ransom. Thirty-four per cent of ransomware victims said they never received any data despite paying their nemesis in full.
- Forty-seven per cent of respondents said they witnessed a surge in phishing and email spoofing attacks in 2020.
- Seventy-one per cent of respondent said they fear the possibility of attacks on their servers and are worried about the details of archived conversations from business collaboration tools.
- The report makes it clear that a surge in attacks in 2020 were due to the new work from home culture, and the loopholes that existed before enterprises doubled down on security and fixed their systems.
- Industry research says 86 per cent of business executives believe remote workers increase a company’s chances for a data security breach. Remote working can increase the stress of an employer because of mistrust. When a situation like that begins to foment, the relationship between the employer and employee takes a toll, which is undesirable under any circumstances.
Trend Micro – a cybersecurity company in its report pointed out the situation prevailing in the Middle East.
In the UAE, Trend Micro detected and blocked over;
- 19 million (19,662,122) email threat
- prevented 10 million (10,304,154) malicious URL Victim attacks
- 2.7 million (2,744,886) malware attacks were identified and stopped
- 1,635 banking malware threats were blocked
Attacks were often launched on critical industries at the forefront of the fight against the Covid-19 pandemic, such as healthcare, government, and manufacturing, according to the report.
Despite the visible threat to data and attacks from malicious actors, many don’t take data security seriously. If something goes wrong, both employers and employees need to know that somewhere along the way, both of them have failed to do their part. Remote security is important, and there are some best practices. Educating, counselling and helping employees with infosec knowledge is an excellent way to start information security hygiene.
Have a clear and firm IT security policy in place
A typical IT security policy will include details of an enterprise’s threat assessment. The most important use cases for the security setup have to be prioritised. Security protocols for each process have to be outlined and followed. Research the latest cybersecurity threats, business loss, learning from others and testing compliance adherence by employees. Treading the fine line between creating hurdles for employees and preventing any untoward attack towards the organisation is a difficult task, but not impossible.
Create a Remote Work Policy
Telling employees clearly what’s allowed, and what’s not allowed with regards to website browsing, use of personal devices, download permissions, installation of work-related and non-work-related software and hardware, and how attacks should be reported if they happen must be clearly outlined within the IT Security policy.
Encrypt What’s Important
Data encryption is always preferable from a security perspective. However, data encryption assumes even more significance when remote working is mandated. Devices could be lost or stolen, and the device, as well as the data, misused. When private or public internet is used by organisations to communicate, there is always a chance of the data getting intercepted, and misused. To prevent the wrong pair of eyes from seeing what’s important, encrypting sensitive information is always recommended. Using encryption software like IBM Security Guardium Data Encryption, AxCrypt Premium, VeraCrypt, NordLocker can help enterprises by barring access from any unauthorised users of company devices.
Multi-factor authentication
Assigning strict access control to company data and servers is important. Remote working does cause a lag when security checks delay the workflow. Making files and drives public seems the best alternative. But that has risks. Secure what’s important and following the concept of least privilege helps.
Also Read: Top 10 Endpoint Security Providers
Have VPNs in Place
VPNs help access resources remotely, which are otherwise inaccessible from offsite locations.VPNs also encrypt connections and provide access control for corporate networks. Along with this, a data management policy must also be in place that regulates who can access sensitive data, when that can be done and how it is done.
Automated Workflow Control
Having an automated workflow automation tool can help streamline security operations to kick in during contingencies. Centralising security operations allow enterprises to bolster security while allowing space for collaborations. Security orchestration, automation and response (SOAR) are important in the context of remote access, where threats may take longer to identify and resolve than they would on traditional networks.
Security orchestration integrates and streamlines cybersecurity processes and tools into a single body to streamline multiple security operations tasks. Security automation accomplishes these tasks with machines without any supervision.
EndPoint Security
Ensuring the security of the network – right at the device level such as mobiles, tablets, laptops, or even computers is endpoint security. It’s an amalgamation of the best practices prevailing in the infosec industry, and protection features include privileged user access, application controls, data controls, intrusion detection, and encryption.
Today, enterprises are aware of the growing number of endpoints. Work from home guidelines, on-site meetings, smart wearable devices, client meetings and work during transit require enterprises to have a smooth data distribution and access system.
As business processes become increasingly mobile phone-friendly, enterprise security officers are forced to accept the rising number and variety of endpoints. In such a situation, businesses are stretched to the limit as they have to secure their perimeter and identify and plug security loopholes while patching earlier security flaws and vulnerabilities. Malicious actors are always on the lookout for vulnerabilities and look for ways to disrupt business processes. As such if remote network security is compromised, a domino chain ensues.
Resources that are otherwise engaged in business processes have to be reallocated to address threats. Loss to business, loss of data, loss of reputation in cases of heavy breach, lawsuits, damages, penalties for legal and compliance violations, bad press, are just some of the incidents that will happen simultaneously or in quick succession. This is enough to overwhelm any enterprise.
Also Read: The Analytical Ladder of Success
Endpoint Protection Market
The global endpoint security market was 12.93 billion in 2020. Industries such as BFSI, IT, telecom, retail, healthcare and government use endpoint protection.
This helps enterprises to have a secure network with advanced technologies to protect important data. If exploited, the data can be misused.
In 2019, Mastercard witnessed 460,000 intrusion attacks in a single day. The attacks rose by 70 per cent during the pandemic. An IDC report says that 70 per cent of breaches by hackers happened on endpoint devices. The WFH model forced enterprises to relook at endpoint security and increased spending on security. A PWC report says cyberattacks grew significantly during the first half of 2020. Forty-seven per cent of attacks were reported on the healthcare industry.
The endpoint protection market is expected to grow at a fast pace. Companies like Cisco Systems, Symantec, FireEye, Palo Alto offer AI-based solutions to detect endpoint attacks.
The market is expected to grow highest in the US. The Middle East is increasingly using endpoint protection to reduce breaches.
Europe will witness the endpoint security market, with the highest growth in Germany and the UK. China is likely to lead the market in the APAC region with India coming a close second.