The New Normal
Over the last few weeks, many organisations have been forced to switch to home working and this looks like it will continue for much longer than initially anticipated.
Home working has become the “new normal” and many firms look set to continue with remote working for many months to come.
Large corporates, like Twitter, have already stated that they intend not to maintain office space for all their employees, giving all their teams the option to work from home “forever”.
Security Challenges of Remote Working
With home working, employees may no longer enjoy the protection of their well-guarded corporate networks across a small number of offices. Instead, simply put, there are now as many offices as there are employees.
This isolation therefore introduces new and increased vulnerabilities that cyber-criminals are looking to exploit, so they can try and attack & defraud home workers, or use the home network to backdoor and seek vulnerabilities to attack the company itself.
It is now not uncommon for a home worker to have a direct connection to the Internet, where they will access popular cloud-based services and typically bypass any corporate security and defence infrastructure or policies. This can marginalise, or completely remove the protection any corporate monitoring systems may offer, leaving new threats and new risks undetected, increasing the risk of data leakage, fraud or theft.
Mitigating Risks – Solutions?
The first job is to understand the risks you may have with home workers and any true mobile / field workers. We have the experience to run checks against different types of workers (personas) such that we can then advise on solutions.
One such solution we are able to offer is called HomeWatch:Guard.
HomeWatch:Guard, powered by Zepko, is a cloud-based service which will natively monitor traffic, pathways and interactions with common cloud-based services employees need to perform their daily function.
We will also track activity back into your corporate network from hundreds, if not thousands, of disparately located employees for any indicators of compromise.
We will limit, control and monitor all data transmission to ensure company confidential or PII (Personally Identifiable Information) is not leaked to unauthorised sources.