In a survey released in November 2020, cybersecurity management firm Skybox announced that 73% of security and IT executives are concerned about cybersecurity vulnerabilities created by distributed work. That’s not the concerning part, though. The survey also found that security teams have grown complacent — even though only 11% can maintain a holistic view of their attack surfaces, 93% of security executives are confident that changes to network and system configurations are correctly validated.
Is distributed work a cybersecurity nightmare?
We all know what happens when overconfidence meets cybersecurity.
It isn’t as if we have anything to be confident about, either. Per Canalys, Cybersecurity investment in 2020 only increased by 10%. Worse, that was record-setting and outstripped other segments of IT.
That wasn’t the only record we saw broken in 2020, either. The year saw more data breaches and compromised records than in the past 15 years combined. Much of this, the analyst notes, can be attributed to how rapidly everyone was forced to transition to distributed work.
“Organizations had to implement business continuity measures quickly in response to the COVID-19 pandemic or face ruin,” the firm explains in a press release. “This was often at the expense of cybersecurity and bypassed longstanding corporate policies, leaving many exposed to exploitation by highly organized and sophisticated threat actors, as well as other more opportunistic hackers.”
So far, 2021 isn’t much better. In just the past few months, we’ve seen high-profile breaches that include Microsoft Exchange and Facebook. To be blunt, the pandemic is an absolute nightmare from a cybersecurity standpoint.
Security teams are functionally besieged from all sides. While contending with a severe vulnerability in a software platform like Exchange or others, they must also deal with issues like ransomware, malicious insiders, and distributed denial of service attacks. And this is all while managing a completely distributed workforce, one in which many people are using completely insecure networks and devices.
How to improve distributed work?
The good news is that security personnel are not helpless in this regard. It is well within their power to address the security shortcomings of remote work and the Internet of Things. Here’s how.
- Revisit your security policies. If you did not revise your plans and processes during the transition to distributed work, they are outdated. And because they are outdated, they are putting your business at risk. You need to establish a robust set of guidelines for cybersecurity at home that hits the following beats:
- Access policies for corporate systems and data.
- Acceptable use for corporate-owned devices.
- The software for secure connectivity between the home and the workplace.
- Patching/update requirements for employee devices.
- Auditing for remote endpoints.
- A monitoring strategy and process for taking inventory of your assets.
- Training and compliance.
- Incident response.
- The process for reporting cybersecurity issues or incidents. You may want to include a policy that protects employees from retaliation.
- Help your employees practice better security. Invest in password management software for your business. Provide employees with advice on improving their cybersecurity at the home office, including networks, such as air gapping IoT endpoints and best practices for browsing the web.
- Control your data. Don’t allow sensitive documents to drift out of your line of sight when they’re shared outside the perimeter. Look into a secure file storage solution that enables you to retain visibility into and control files no matter where and when they’re shared.
- Guard your access points. Multi-factor authentication is non-negotiable for remote staff.
- Manage your endpoints. You might consider using a remote desktop solution, cloud software, or a VPN to connect your users to your network. You could also use endpoint management software to ensure you have an overview of your complete ecosystem, even outside your perimeter. Alternatively, you can (and should) do both.
- Prioritize accordingly. Cybersecurity can no longer be treated as a secondary consideration. It should be at the forefront of everyone’s mind in both budgeting and business operations. Criminals are not going to relent, and neither can you.
- Safeguard against malware. All the security procedures in the world won’t help if you’re caught off-guard by malicious software. That’s where ANY.RUN comes in — trusted by organizations that include MalwareBytes, McAfee, and IBM, their malware sandbox includes interactive threat analysis, thousands of malware samples, and powerful network mapping and monitoring.
Distributed work is here to stay. And unless you start adjusting your security policies now, it’s not a question of if you’ll face an incident. It’s a matter of when.