Eight Considerations for Remote Worker Cybersecurity

Remote Worker CybersecurityWorking from your desk in the corporate office is probably the safest way of doing business since you have both physical and technological protections provided by your organization.  However, this may not always be feasible for either personal or business reasons.  By taking the appropriate remote worker cybersecurity precautions, you can work from home or on the go without jeopardizing your personal security or that of your organization.

Working from Home

Whether it allows you to work long-term for a company physically located far away from your home base, or temporarily due to inclimate weather or a sick child, working from home can be a nice perk. However, this situation introduces unique information security vulnerabilities that need to be considered. In this section, we’ll talk about some of the potential threats associated with working from home and how to best protect yourself, your organization, and perhaps even your customers.

Dual-Use and Personal Devices

While working from home, it might be easier to work from a cell phone, tablet, or personal computer.  However, this creates multiple potential security holes for you and your organization.  One is the fact that, to work effectively, you probably need to bring home data or programs from your organization.  Having this data on a personal device may violate regulations or company policy on storage of sensitive data or increase the probability that the data is lost or stolen.

Another risk of using personal devices for work is the potential for cross-contamination.  If you or someone else authorized to use your computer accidentally infects it with malware or damages the computer, this may affect data belonging to your organization as well.  At the very least, separate accounts should be used on the computer for work and personal use and frequent backups should be made.

Infected Network

Home computer networks typically do not have enterprise-grade cyber defenses.  This increases the probability that one or more of the computers on the network may be infected with malware there or be infected elsewhere and bring the malware into the home network.

Home networks usually also have a higher level of data sharing than corporate networks.  Many computers will ask if a Wi-Fi network is “trusted” when first connecting to it and, if so, allow other devices on the network to share folders with the computer and access the computer’s shared folders.  Allowing this increases the probability of malware spreading within the network since malware on an infected computer may have direct access to an uninfected computer.  This could even lead to infection of the company network if a device infected at home is allowed to connect to the organization’s wireless.  Folder sharing should never be allowed with a computer used for work and all computers should have antivirus installed with frequent updates and malware scans.

Missing Defenses

Most organizations focus on the network perimeter when setting up cybersecurity defenses.  By trusting everything that is inside the network and checking everything entering or leaving the network, organizations have a reasonable probability of detecting threats before they infect the organization’s computers.

However, if you’re not using a computer located inside the organization’s network perimeter (either physically or using a VPN), you don’t get the benefit of these defenses.  By browsing directly to websites from your home network, nothing prevents you from visiting websites that contain malware or content that violates company policy.  If your organization uses webmail for communications, it’s possible that emails will never pass through the network perimeter (and the associated anti-phishing defenses) if accessed remotely.  When working remotely, it’s best to use your organization’s VPN or remote desktop connection to take advantage of its network perimeter defenses.

Working Safely on the Go

Conference travel, checking email, business meetings.  There are many reasons why you might want to work on the go.  However, doing so opens you up to other potential risks and threats.  Here, we’ll discuss some of these threats and how you can mitigate them, so that you can work on the go while maintaining security.

Bluetooth

Bluetooth scanning and autoconnect is a dangerous feature built into many devices.  In 2017, the BlueBorne malware exploited vulnerabilities in the Bluetooth protocol and could potentially have infected 5.3 billion devices.  While many devices have patched these security holes, over half of Android devices (anything running Gingerbread and below) and over three-quarters of Linux devices are unpatchable and vulnerable.  Even patching against this vulnerability provides no protection if new Bluetooth vulnerabilities are discovered and exploited.  It’s best to disable Bluetooth any time that it is not in use.

Lost/Stolen Devices

One of the biggest threats of taking work devices on the go is losing them or having them stolen.  In the worst case, a stolen device that is already logged in provides the thief with complete access to the information stored on the device and any logged-in accounts, which may include sensitive personal and company information.  In the best case, the device is logged out and has full-disk encryption, meaning that the thief would need the decryption password to access any information stored on the device.  It is important to install and enable full-disk encryption software on all portable devices and secure them with a strong password.

By default, most phones come with the option for full-disk encryption; however, this is not infallible.  Recently, a vulnerability in Apple phones was discovered that allows an attacker to brute-force the password on the phone without triggering the automatic data wiping feature that should active after a certain number of attempts.  Once this is patched, it is probable that other vulnerabilities will be found for these and other phones that allow the wiping feature to be bypassed.  Therefore, it is important to never leave a device with sensitive information somewhere where it could be easily lost or stolen and to install and enable remote wipe and tracking software on all portable devices.

Public Wi-Fi Networks

Public Wi-Fi is extremely convenient, allowing devices to access the Internet from public locations like cafes and airports.  However, connecting to an untrusted public network is a serious security risk.  One of the major threats on public Wi-Fi is snooping.  Since all information is sent wirelessly to the router, anyone with the network’s password can see all traffic flowing to and from the router.  If you are visiting unencrypted (HTTP) websites or using apps with unencrypted communications, anyone on the Wi-Fi network can read the data.  Even if you use HTTPs for all websites, the web address that you are visiting is unencrypted, which could be embarrassing or a source of information that could be used in social engineering or spear phishing attacks.

Beyond snooping, being on the same Wi-Fi network as an attacker increases the probability of a malware infection.  As mentioned above, “trusting” a Wi-Fi network opens the possibility of malware spreading via shared folders.  Local attackers also have an increased probability of success with ARP poisoning or pharming attacks, which may allow them to control your access to the Internet.

Two main solutions exist for dealing with threats related to public Wi-Fi networks.  The simplest is not to use public Wi-Fi at all.  Many cell phone providers offer unlimited data plans, which remove the need for public Wi-Fi in most cases.  If Wi-Fi is essential, consider using a VPN, which encrypts your traffic from your computer to your VPN endpoint, protecting against snooping or attacks that take advantage of being on the same network as you.

Shoulder Surfing

A strong password is only effective if no one else knows it.  Most people take precautions to protect the security of their passwords by memorizing them or storing them in a password manager rather than writing them down in a place where they could be read or stolen.  However, passwords need to be used:  This means that, at some point, you need to enter them into your computer.  What if someone were watching when you do that and steals the password that way?

Shoulder surfing involves looking over someone’s shoulder when they are using technology and is a viable attack vector when working from a public place. It’s possible that an attacker could take the opportunity to steal a password or other sensitive company information if they are properly positions and looking at the right time.  When working in a public place, it’s important to be aware of your environment when entering passwords or dealing with other sensitive information.

If the password is used across multiple websites, then your account on those websites would be compromised as well.

Wi-Fi Autoconnect

Many mobile devices will automatically scan for and connect to known Wi-Fi networks.  This can be very convenient if you regularly visit the location, like home or a favorite café, and don’t want to go through the process of logging into the network each time you visit.  However, this autoconnect feature is based solely on the name and password of the Wi-Fi network; your phone will automatically connect to any network with the same name and password.  This means that an attacker could set up a network under their control that your phone will automatically connect to.

Take the extra few seconds that it takes to manually connect to Wi-Fi networks and protect yourself against attacks exploiting Wi-Fi autoconnect.

Also, be aware of Wi-Fi Sense. This is an instance in which your devices share access point passcodes. If you log in to an access point with your phone, it could share the credentials with your computer allowing your computer to automatically connect to a previously accessed malicious access point. Disabling this function is the more secure choice.

Whether it’s a long-term arrangement or just for the day, remote workers pose a unique cybersecurity challenge. Learn how to protect your systems and your employees working from remote locations with  training.

Get more information about Sword & Shield’s security awareness training or contact us for a free consultation to get started!


Comments are closed.