Remote Working during the Pandemic: Network Security Challenges and Solutions
Since the emergence of Covid-19, offices around the globe have started the remote working. As work from home continues to heat up, the hidden dangers of “network security” brought by telecommuting cannot be underestimated. Ensuring network security in the remote working environment has become the focus of attention of government and corporate.
Remote office network security risks
Risk of open ports
Scenario: In order to facilitate remote operation and maintenance, some IT personnel have opened server ports that enables remote working.
Risks: Opening the ports for remote operation and maintenance, exposing key service ports to the Internet, making the remote server the focus of hackers, ransomware, and worm attacks.
Remote access security risks
Scenario: Workplaces have opened the access rights of the intranet to the Internet, and have not deployed basic security tools such as VPNs and bastion hosts, and have no reliable remote access method.
Risks: The opening of remote access channels greatly increases the risks of remote access and operation and maintenance. There are risks such as insufficient access control, insecure operation and maintenance links, and no audit trails.
Remote office devices security risks
Scenario: Sometimes employees use personal laptop / tablet for remote office work, and some of the personal devices involved in processing and transmitting business data doesn’t have software with up-to date security definitions.
Risks: The personal device firewall and definitions aren’t up to date or anti-virus software is not installed, which may easily lead to personal devices being maliciously attacked, leading to corporate data leakage and threatening corporate network security.
Third party tools security risks
Scenario: Some employees do not understand the cyber security risks of remote office work. Some employees use third-party tools to transmit and store important data such as internal employee information, technical information, bidding documents, and contract agreements.
Risk: The use of third-party tools and software to store and store sensitive data may present a risk of data leakage, which may easily lead to the leakage of sensitive information of the enterprise.
Phishing security risks
Scenario: During this pandemic, a large number of phishing emails have emerged using the relevant information of the pandemic, and some malicious actors use the Covid-19 and other business related topics to conduct phishing attacks through email.
Risks: After a successful phishing attack, the attacker can eavesdrop on computer communications and steal files, causing the risk of corporate and personal information leakage. In case of ransomware, the computer cannot be turned on and there is possibility of files being encrypted. (Remote/Local Drives)
Countermeasures for remote office network security risks
Regarding the above-mentioned hidden risks of teleworking, it is recommended that workplaces take measures to deal with cybersecurity risks from the following eight aspects:
1. Network security emergency response mechanism
All workplaces should clarify the cyber security emergency response mechanism, clarify the cyber security emergency risk scenarios and emergency response processes, including process approval, startup nodes, processing measures, communication methods, etc., implement the cyber security risk disposal manual, and issue information notifications. jobs.
2. Use secure remote access
All workplaces should try to use VPN, bastion hosts and other security means to carry out remote office and remote operation and maintenance work; if VPNs and bastion hosts cannot be deployed urgently, similar services in the cloud deployment model can be used to ensure confidentiality and security.
3. Strengthen privileged account access control
Workplaces should decide whether to provide remote access interfaces and whether to adopt enhanced access control measures according to the importance of information systems and resources. For example, for some important system privileged accounts, operating system and database can only be accessed through the intranet.
4. Strengthening security vulnerability management and security testing
Workplaces should strengthen the security testing before the systems go online, and discover existing security loopholes in a timely manner to reduce risks such as unauthorized access and data leakage. For web based systems, regular security assessments should be performed to identify and address common threats such as brute force cracking [limit-rating], SQL injections, and ransomware attacks to ensure the safe and reliable operation of the business.
5. Strengthening cybersecurity monitoring during the pandemic
Workplaces should make adjustments to the network changes during the pandemic, make corresponding security protection measures, strengthen remote access portal monitoring, find suspected network security incidents, and contact the vendors or related department to analyze and handle the security incidents in a timely manner.
6. Strengthen access control for third-party tools
In the remote office scenario, third-party tools have become a way for most companies to transmit data. When transferring data, it is recommended to compress and encrypt the file for transmission. Be sure to set an encryption key / similar for sharing data on cloud. In addition, when using collaborative office tools, you must pay attention to the viewing permissions of the materials to prevent the leakage of important information caused by the problem of setting the permissions of the materials.
7. Strengthen personal device protection
Workplaces should formulate personal device / terminal access security specifications, define personal device access standards, personal devices should install firewalls and anti-virus software, and update operating systems, firewalls, and sw patches in a timely manner, and at the same time strengthen access control of personal devices via methods such as MDM.
8. Strengthening employees’ awareness of cyber security protection
During the pandemic, it is recommended to strengthen the education and training of employees’ remote office security awareness, and conduct network security awareness training in conjunction with risk scenarios such as phishing emails to improve the network security awareness of enterprise employees and reduce their network security risks.
With the steady and normal progress of the current work, teleworking can effectively control the spread of the Covid-19, but the security risks of teleworking brought by it should be closely monitored by workplaces. On the basis of improving remote office security protection capabilities, workplaces should continue to build improve network security protection capabilities, and conduct network security assessments in a timely manner to block potential network security risks.
