Why protecting remote workers from cyber attack should be a top priority for your security team in 2020

Tue, 4th Feb 2020

FYI, this story is more than a year old

By Mark Sinclair, ANZ Regional Director, WatchGuard Technologies

As logging in from anywhere becomes the norm for more Australians, implementing cybersecurity strategies to support the remote working model has become an imperative for local organisations which value the integrity of their systems and data.

Hands up all those business owners who remember when allowing someone to work from home, regularly or as a one-off, was considered noteworthy, or a privilege for which they should be duly grateful?

Those days are long gone and the signs are they're not coming back.

In 2019 Australia, everyone was doing it. From traditional road warriors such as sales reps, whose office has always been wherever they laid their laptop, to IT developers and marketing managers, Australians from all walks of life have embraced the remote working model with gusto.

Reduced travel time and costs and better work life balance are commonly cited as benefits by those who've called time on doing nine to five at a desk in the corporate office.

Employers share their enthusiasm. More than two thirds of Australian organisations now allow their staff to work remotely, according to research published by Indeed in early 2019.

It's not hard to see why. Increased productivity, improved morale, reduced employee turnover and absenteeism and operational cost savings were all identified as benefits by those organisations which had thrown their support behind a remote work policy. Allowing people the flexibility to work off site can also make it easier for companies to attract and retain top talent to their teams.

Risky business

It's a win-win situation but only if organisations manage it properly.

That's a big if.

In 2020, employees have become a major attack vector. Remote working can pose a serious risk for organisations which fail to adapt their cybersecurity posture to protect users, whenever and wherever they log in to the corporate network.

The vast majority of high-tech financial fraud attempts rely on human clicks and hackers know all too well that individuals working outside the corporate firewall are significantly more vulnerable than those who operate within it.

Have companies taken steps to address this real and rising danger?

‘Sorta, kinda', according to a recent global survey of IT administrators in mid-sized organisations, conducted by Site Research on behalf of WatchGuard.

Ninety per cent of respondents stated they were using endpoint software to protect laptops and 88 per cent believed employees within their organisation who worked remotely were using VPNs when they logged in. While employees are often seen as the weakest link in the cybersecurity chain, the administrators gave them a resounding vote of confidence, with 85 per cent of respondents stating their colleagues were trained to spot phishing and identity attacks.

It would be easy to conclude the situation is well in hand, if not for the fact IT administrators don't seem particularly convinced that's the case.

More than 90% of survey respondents owned to concern about the prospect of infection being introduced via endpoints. Almost as many stated they were worried about unauthorised individuals accessing employees' laptops and devices when they were out of the office.

Just under two thirds of the administrators admitted a remote worker had fallen victim to a cyber attack on their watch; hardly a ringing endorsement for the remote security measures collectively put in place thus far.

Cybersecurity that's not centred around the office

Unfortunately, there's no simple answer to the threat that arises when your employees, en masse, swap a desktop in the office for remote working, using an array of mobile tools; both the company's and their own.

A robust, user-focused security posture which enables your team to roam free without compromising network security back at the base must necessarily be multi-faceted.

In addition to deploying endpoint security to protect employees' devices wherever they log in from and multi-factor authentication technology to reduce the risk of password compromise, organisations should be conducting regular cybersecurity training sessions.

Phishing, spear-phishing and executive impersonation campaigns have become significantly more sophisticated in recent times. Educating users, from the CEO suite down to the front line, about the risks they present can be an effective way to mitigate the risk of their falling victim. Fake phishing campaigns should also be employed periodically, to reinforce, in situ, the cybersecurity lessons employees have been given.

Just as important is the fostering of a workplace culture in which employees feel empowered to question unusual requests to disclose information or action payments, rather than jumping to obey, without question, orders which purport to come from on high.

Time to act

If flexible working isn't a ‘thing' at your organisation yet, it likely will become so, some time in the early 2020s.

As Australians continue to give the model the thumbs up, employers that adopt security measures which protect workers whenever and wherever they're on the job will be well placed to enjoy the many benefits remote working has to offer.