With the shift to a more distributed workforce in the wake of the COVID-19 pandemic, many businesses have faced significant challenges as their firewall-based approach for centralized office-based environments have needed to adapt significantly to securing a network suitable for a dispersed workforce.
Why is it important to change your security network?
New security risks are emerging based on the unintended weaknesses introduced through staff working remotely where the traditional office firewall-stops-everything approach, this unfortunately is no longer sufficient or appropriate.
Every location where data is accessed remotely can also be the transit point for hackers to bypass traditional protections and commence their ransom or other malicious activities. Therefore businesses need to protect each individual's access as well as the office in which they were previously based.
It is important to understand the real risks and impacts associated with working remotely. This can be done by exploring the mitigations associated with these risks by using modern security technology, building resilience amongst your employees and carrying out staff training to ensure a comprehensive and coordinated approach and understanding.
There are a multitude of technologies which are resurfacing that businesses can explore, such as Microsoft Remote Desktop Services, where centralized computing is coming back into fashion.
Ten steps to improve network security
Network security doesn’t have to be complicated or expensive. Cyber security is a constant battle. As technology advances, so does the sophistication of the attacks and therefore, a system put in place 12 months ago may not be effective today. You can take steps to improving your network security whilst you work remotely by implementing the following:
1. Adapting a Strong Password
Gone are the days of choosing your favorite TV show or first pet as adequate passwords. Instead, passwords should be impossible to crack, such as a really complex sequence of numbers, letters and characters (e.g. m1x 0foi@4*ct*&r6) or several dictionary words, a number and special characters strung together (e.g. bananamilkcandlecatfoodcamelstresstoy_2020).
Passwords if possible, should not be written down where they could be accessible to others.
2. Installing a Good Firewall
The first line of defense in computer security is installing a good firewall. The firewall determines what traffic is allowed through and what isn’t. These can be individually set up, meaning certain sites or site-types will be blocked for your users; therefore, keeping your client and company data protected from external threats.
3. System Monitoring
System monitoring is a significant defense in the battle against cyber threats as it enables the IT team to detect threats in the system before they have had a chance to cause any damage or disruption to your business.
These monitoring tools scan different aspects of your networked systems and security logs looking for anything suspicious. Such tools include Security Incident and Event Management Systems (SIEM), Intrusion Detection (IDS) and Behavioral Analytics (BA) systems.
4. Employee Training
The digital security of a company is only as good as the individual users, and therefore training is a vital part of maintaining a secure company culture.
Training in spotting phishing emails and the dangers of clicking on links and opening attachments from unknown or suspicious accounts can cut cyber threats dramatically, as well as how to spot suspicious emails which appear legitimate (eg.an email from Paypa1@gmail.com).
Additionally, ensuring there is a clear process to follow should the users suspect something maybe a virus or a phishing email is vitally important.
5. Risk Management
As in any industry, knowing the dangers will enable cyberattack and breach response plans to be put into place. But the key is knowing where the vulnerabilities in your systems are. This requires a close assessment of processes and a rigorous risk assessment.
6. Email Security
The majority of people can be quite blasé about email security, keeping their emails logged in on their machines and sending unsecured sensitive data via email.
Introducing a strict IT security culture regarding email is an essential tool in the arsenal against cybercrime; training staff on the dangers of phishing, ensuring all users have a complex password and are asked to change it periodically as well as email encryption. There also needs to be rigorous processes in place for email access on mobile devices.
7. Endpoint Security
With most users working remotely on a series of devices (i.e. endpoints) including laptops, mobile devices, and desktop PC’s in addition to servers in data centers. Endpoint Security is the process of ensuring these endpoints are secure.
All of these endpoints can provide an entry into your network for cybercriminals, and therefore endpoint security systems should be used in addition to antivirus software. This can include endpoint encryption and application control.
8. Anti-Virus Software
All networked PCs should have up to date anti-virus, anti-ransomware and anti-malware software. With anti-virus software, no matter how sophisticated it is, it is only efficient if it is kept up to date.
9. Multi-Factor Authentication
As inconvenient as it may be, only having a password isn’t secure. Introducing multi-factor authentication into your organization will add another level of security. In addition to having a password, the users may also be asked for a fingerprint or pin which will be sent to a mobile number or email address.
10. Avoid Public Networks
Using an unsecured public network is potentially inviting any third-party access to your company and client data to do with what they want. With more of the workforce working remotely, it's essential that all users are clear that using unsecured public networks (e.g. free Wi-Fi in a café) is not acceptable for business use.
Should you implement a centralized network?
Where centralization is not appropriate, it is then vital to have a capable Endpoint Detect and Response (EDR) protection technology installed on every external device to ensure that secure and consistent policies are in place. EDR will ensure that potential threats are detected and defeated at the earliest initial points of attack.
Alternatively, you could introduce automated Penetration and Vulnerability Testing on all networks and devices to ensure a continuous assessment and proof that obvious weak points in IT systems are closed. Traditional Firewall technology does not currently proactively test for the operating system and application-level vulnerabilities.
Businesses could also implement Network Access Control and Digital Health Policies. This ensures that any devices accessing the network via VPN or secure Wi-Fi comply with patches and updates to their systems – denying access to those devices until they are updated.
How to further maximize your cybersecurity
The most significant risk to IT systems once modern and correctly configured security systems are in place is that staff override or bypass that protection. As well as sharpening your team’s skill sets, allowing you to stay on top of the latest trends, making training courses and knowledge readily available will help your whole team stay motivated. Handing your team the tools they need to increase their digital awareness can only ever be a good thing. Ultimately there is a tremendous opportunity for staff training and education.
Businesses will need to seek support and underpin the prevention of accidental data disclosure. IT security experts will need to look for solutions that heavily feature Digital Rights Management, Encryption, and Data Loss Prevention filters to negate data being accidentally or otherwise accessed.
In the modern era, features that the channel and their customers will be seeking will need to be automated and intuitive to be able to compete with automatic hacking attacks. Undoubtedly machine learning and artificial intelligence will play a large part in identifying short and long term unauthorized access by spotting trends in unusual behavior and then automatically fixing those emerging risks without requiring manual intervention.
Businesses that are looking at security in a complete context of assessment, planning, technology and human factors are going to be the big winners in the digital era post lockdown and will successfully be able to protect their distributed workforce for the long term.
Neill Lawson-Smith, Managing Director, CIS