Managing IT Risk When Everyone’s Working Remote

Cybersecurity has always been an evolving challenge for IT teams—even before the pandemic and subsequent mass exodus to the home office. At the Protect & Streamline Summit for IT Leaders, experts from the IT and cybersecurity space came together to share advice for IT leaders scrambling to contend with a new set of business risks.

Read on for key takeaways or access all session recordings for a deeper dive.

Cybercriminals are preying on pandemic fears

Webroot threat researchers have found that 2% of the 20,000 websites created with “covid” or “coronavirus” as part of the name in the last two months were malicious. COVID-19 has given birth to a new set of online scams that capitalize on fear and uncertainty, from fake government stimulus emails to free Netflix scams.

Don’t let the cheesy “Corona Antivirus” examples fool you. Cybercriminals are paying close attention to the changes in how we work and adjusting accordingly to create more believable offers. For example, malicious files with the word “zoom” in them have increased 2,000% since March.

Newly remote workers—dealing with distractions, disruptions to the normal routine, and information overload—are a prime target.

Shadow IT is now a fact of life

IT teams have significantly less control over their users’ environments than ever before.

There’s a good chance your users aren’t working on the devices you gave them, at least not all the time. In fact, an April 2020 study of remote workers in the UK found that 61% were using personal devices rather than corporate-issued devices. They may be using public Wi-Fi or sharing Wi-Fi with someone else in their building. They (or their kids) may be using their work device for gaming, shopping, or any number of other activities, as the lines between work and home blur. Ultimately, there’s not much you can do about that.

So, what can IT leaders do to protect their organization in this time of heightened risk and reduced control?

IT teams must secure the experience

As Auvik Networks’ Alex Hoff explained, there’s a need for IT teams to shift their focus from controlling the environment to securing the experience. This message was echoed by SKOUT’s James Hatzell who advised IT teams to establish the data and systems they want to protect the most, then build concentric rings of security around that data.

Here are a few key ways to secure the user’s experience:

• Use multi-factor authentication on every web-facing application. As Jon Murchison of Blackpoint Cyber demonstrated, compromised credentials are frequently leaked to the dark web. At this point, you have to assume your password is already out there—so MFA is a must. There are various types of MFA out there, with app-based MFA generally considered to be the most secure. The prevailing message throughout the summit was that IT teams can’t put off MFA any longer. As Hoff put it, “It’s like medicine—doesn’t always taste good, but it’s good for you.”

• VPN back to a trusted network—and keep your VPN secure. VPN use has skyrocketed, and it’s easy to see why: They’re a crucial link to the resources your users need to do their job. With the increased volume of VPN use, hackers are favoring mass internet scanning for unpatched VPN servers and using remote-code execution vulnerabilities to grab credentials and cause destruction. It’s paramount to stay on top of patching. You can also leverage tools like Auvik to monitor VPN capacity and traffic, giving you the visibility to spot streaming traffic that’s going through your VPN or other work-from-home gotchas.

• Dial up your security awareness training. Generally speaking, it’s easier to get someone to click an email than to find a vulnerability in a device. People are easy targets—so that’s why it’s imperative to continue training users on the latest trends and tricks that hackers are using, so they’ll recognize and react appropriately to these messages when they land in their inbox.