Securing Remote Infrastructure and Mobile Technology
Cybersecurity risks skyrocketed when COVID-19 forced workers to transition to home offices and children to remote learning environments. By March 2019, coronavirus-themed campaigns and attacks were well underway. These attacks began so quickly at the beginning of the outbreak that the World Health Organization released a statement warning of imposters using the organization’s name.
Today, organizations have had roughly a year to adapt to changes caused by COVID-19. By now, businesses should be transitioning from their initial emergency response measures to a permanent long-term strategy for incorporating remote workers. A successful plan for accommodating remote and mobile workers should include:
- Maintaining employee productivity and user experience from any locationo
- Keeping both employee and organizational data secure at all timeso
- Maintaining regulatory compliance while enacting BYOD policies and allowing employees to work from remote locations
The steps seem simple, but each device, software app, and location added to the infrastructure exponentially increases its complexity. An estimated ten-fold increase in work from home employees also represents an increase of routers, smartphones, mobile devices, and personal PCs handling company data. This puts companies in the difficult position of no longer having to worry about the security of one network, but thousands.
VPNs felt an enormous strain as some vendors reported usage increases of 165% in a month. Increased VPN usage from remote workers introduces new security risks, as all protected data is funnelled to a single location, the provider’s company. Incorrectly configured and/or vulnerable VPNs can expose remote employees who believe themselves secure to potential cyber-attacks.
Vulnerabilities specific to VPN and remote communications were not the only new cybersecurity risks facing companies. Many home-based employees use personal or BYOD technology to assist with their job responsibilities. Ensuring employee’s personal devices are updated and secure is a Herculean task. Confirming that the software and third-party apps on personal devices are also secure and up to date is an exercise in futility.