Tamer Odeh, Regional Director at SentinelOne in the Middle East, discusses the best practices for employees working from home, and how ‘real’ the risks of cybersecurity attacks are today.
With 90% of UAE employees reluctant to return to office due to concerns surrounding COVID-19, there has been a major shift of focus towards working from home. Several teleworking-technologies have been put in place to facilitate the adoption of the new work environment. With various chat apps and video conferencing platforms, the transition to work from home has not been a major challenge to companies and employees alike. However, these platforms come with their own share of privacy and security concerns.
In the past couple of months, technology and cybersecurity designed for remote work have become a top priority. From endpoint device to server and cloud workload, cybersecurity platforms are now being built for a new world where physical locations are irrelevant.
Scammers take advantage of remote work as they know that employees would not be able to confirm communications in person. Thus, there is a high risk of financial losses due to cybercrimes through Business Email Compromise as employees work from home. Phishing emails are a threat for all employees whether they work in-office or remotely, but for workers who are unused to working from home and are now dealing with an increase in email and other text-based communications, it can be easier for them to lose perspective on what is genuine and what is a scam.
When it comes to accessing the company’s network, employees run a high risk of unauthorized access and data leakage. The use of Home ISPs and public Wi-Fi services present an attack surface that is outside of company’s IT or security team’s control. Additionally, since cyberattacks can happen online as well as offline, it is important for cybersecurity technologies to be able to work offline and across the several devices used by employees at home.
It’s also important to note that just because employees won’t be working from the office doesn’t mean they won’t travel or work in public places. When doing so, employees are exposing themselves to a greater risk of losing their laptops and all the data that resides locally.
Best practices for employees working from home:
Working from home comes with its own set of perks and serious challenges; however, cybersecurity challenges should not compromise the productivity of employees working from home. It is important that employees understand the additional security challenges of remote work and are aware of how to work around them
Hence, employees should ensure all devices that support it use full disk encryption. If a machine is lost, the data on the device should not be accessible to thieves. Secondly, they could also implement robust password management for laptop access. All accounts on the device should require unique login credentials, and where practical user accounts should be restricted to non-Admin privileges.
Moreover, employees should also log out whenever the system is not in use, even at home. Screensavers should also require a password.
When accessing corporate networks remotely, there is a higher risk of unauthorized access and data leakage. Employees may engage in behaviour they never would do at the office, such as sharing a device with other family members or using the same device for both personal and work activities. In addition, the use of Home ISPs and public Wifi services present an attack surface that is outside of your IT or security team’s control.
Employees can use a VPN to connect remote workers to enterprise networks and servers. A virtual private network provides a direct connection as if the remote device were connected to the organization’s LAN. The encrypted communications cannot be spied upon by the user’s home ISP and can prevent a ‘man-in-the-middle’ type attack.
Authorizing Financial Transactions
The biggest financial losses due to cybercrime occur through Business Email Compromise (BEC/EAC), where attackers take over or spoof the account of a senior manager or executive, and use that account to instruct another member of staff via email to make a wire transfer to an overseas account, usually on the pretext of paying a phoney invoice. An increased number of staff working remotely presents an opportunity for BEC fraud, as the whole scam relies on communications that are never confirmed in person.
Employees can then restrict the number of people authorized to conduct new, overseas wire transfers, and ensure that all new requests are subject to secondary confirmation along with limiting the use of teleconferencing technology (Skype, Zoom, and similar) to ensure that financial transactions are actually coming from a legitimate, senior member of staff.
Telework or telecommuting need not impact employee productivity or security, and many organizations will have some experience of supporting remote work at some scale. The challenge presented by the ongoing Covid-19 outbreak is that your organization could have to support a rapid, large-scale shift to remote work, involving employees who are typically office-based and not used to the different demands that working from home can bring. When routines get upset, security is often an early casualty. Employees should understand and be prepared for the additional security challenges of remote work if they are requested or required to work from home during the current health emergency.