Even as the country began to open up from lockdown caused by the novel coronavirus pandemic earlier this summer, one thing was already made clear. Remote work – also known as telework – wasn’t going away. Many American tech giants have indicated a willingness to allow employees to maintain the work from home option instituted due to the pandemic.
Remote Work Brings Increased pressure for Some
This has created new challenges for IT departments as they deal with helping ensure that remote workers can be productive and maintain company cybersecurity in the process. As ClearanceJobs previously reported, cyber actors have demonstrated their continued willingness to conduct malicious cyber activity this summer. At the same time, there are new opportunities for cybersecurity professionals as companies adapt to address these fundamental changes to the way business is being conducted.
“There’s one group in particular whose day-to-day has been completely altered by the remote workforce – the IT team – those hard-working people we rarely see who make sure that everything runs smoothly,” explained Laurence Pitt, technical security lead at Juniper Networks to ClearanceJobs. “Not only are many of them also working remotely, but dealing with increased demand for services and assistance at the same time. Fifty percent or more of us are spending the whole week at home – and online. This is putting additional pressure on corporate IT to work harder than ever to ensure a good user experience.”
New Security Concerns
IT departments must deal with the potential weaknesses that come as a result of employees working from home.
“A fully remote workforce comes with a whole host of security concerns since the majority of employees are connecting to corporate networks through their home networks and ISPs,” warned Simone Petrella, CEO of CyberVista.
“The companies fortunate enough to have the ability to pivot and operate in a virtual environment have created a new security challenge for themselves: an entirely remote workforce,” Petrella told ClearanceJobs.
Lack of Preparedness
One important consideration is that many employees simply may not be prepared to work from home – and this can even include the IT staff. Part of the training thus needs to be in getting these teams to understand how to telework effectively and how to remain in communication with one another and not feel isolated or distracted. Not only is this important to ensure that productivity isn’t impacted, but also to make certain that cybersecurity isn’t weakened as a result of a remote workforce.
Find the Weaknesses and Gaps in the System
Questions should be asked of those working remotely: Are there are weaknesses in a network thanks to a son’s video games or have apps been installed on a shared computer that could create security holes? Likewise, all workers need to be trained to be on guard for a call/text/email from a colleague that isn’t what it appears to be. Social engineering attacks are as effective as brute force hacks of a network, and because workers aren’t in the office it is easy to assume that link or email sent from a colleague is legitimate.
Caution is the Key to Remote Work
“For personal development, it is important to remind people that attackers find the perfect time to attack – it’s important to be more cautious around text messages, calls and emails – on personal and work devices,” suggested Chloé Messdaghi, VP of strategy at Point3 Security.
“Attackers will find their way to spear phish employees,” she warned – as noted by the recent attack conducted at social media platform Twitter.