One year ago…
COVID-19 impacted the entire world. Besides the disastrous health and social effects, the virus had a significant impact on the traditional working environment. Due to the uncontrollable spreading, many companies shut their office doors and instructed their staff to work from home (WFH). The organizations that remained open had to quickly shut not long after as countries started to impose lockdowns following the World Health Organization’s declaration of COVID-19 as a global pandemic in March 2020.
The transition to telework was almost instantaneous and, for many, a new experience, which caused a significant risk to cybersecurity. Numerous IT departments had days, rather than weeks, to take action to secure the organization, resulting in ad hoc policies. Furthermore, according to a report by Morphisec, almost half of office workers were new to WFH when the shift happened. This lack of experience with WFH, both on the employer and employee’s side, made it difficult to maintain security measures outside of the organization’s traditional perimeters.
Attackers, as opportunistic as ever, took advantage of the situation. Not only were enterprises struggling with implementing the relevant security measures, but there was now a larger attack surface to exploit as the number of devices to exploit increased. In just two months, Morphisec saw attacks rise by more than 100,000 per week. In February 2020, just a month before nationwide lockdowns began, the security company saw around 60,000 attacks per week. By April 2020, weekly attacks skyrocketed to more than 170,000 per week across five million endpoints.
Now, just over a year since COVID-19 forced a global shift to remote work, we take a look at how the world is adjusting to the new working environment.
Seems like WFH is here to stay
It seems that WFH is here to stay as enterprises begin to adopt a hybrid model. According to Gartner, 47% of organizations will give employees the choice to WFH on a full-time basis, while more than 80% will allow employees to WFH at least one day a week. This will likely come as good news to the many employees who enjoy remote work, with 65% stating a desire to WFH more than three days a week, according to a survey by Evolve IP. The same survey shows that 75% of employees deem themselves more effective when working remotely, averaging a 31% increase in productivity.
With more than a year to adjust to the new changes, organizations have improved their security approach to remote work with the adoption of, and enhancements to, WFH policies. Employees are also getting more familiarized with the teleworking environment and how to minimize the associated risks.
However (yes, there is always a “but”), there are always security vulnerabilities. Evolve IP’s research found that 60% of employees believe that there could be improvements to security, with half of IT professionals agreeing. Primarily, policies and guidelines are ineffective if not enforced; 25% of employees with strict WFH guidelines do not even follow them. Of course, many enterprises have now backed their policies up with network and endpoint security solutions, if they had not already. However, due to the rapid shift to remote work, many employees use their personal devices for work purposes, and a recent report suggests that around four in ten will remain permanent.
This is a significant risk for enterprises as personal devices often go unmanaged and lack the necessary security measures; 56% of employees use their personal computers as their work device, and a further 46% use their personal mobile phones, with 60% of organizations not having acceptable use policies for such devices. So, in many cases, there is not even an obstacle in the attacker’s way. In fact, 23% of employees are unsure of the security protocols implemented on their devices. That is like saying you are not sure if your door has a lock on it – I don’t know about you, but I would not be able to sleep at night knowing that my front door could potentially be opened by a burglar.
A lack of security measures is especially worrying since employees pose the most significant cybersecurity risk to organizations, and it is security solutions that mitigate such risks. Yet, even with security measures in place, such as NAC, VPNs, and IDS, malicious actors have successfully bypassed them through hardware-based attacks; and remote work makes this type of attack easier to carry out. Hardware attacks require physical access to an endpoint or network, and the various locations in which remote devices are used provide a more dispersed, less physically secure attack surface for attackers to exploit.
Hardware security as the first line of defense
The main challenges regarding remote work are a lack of control over device usage, and the ineffectiveness of security solutions. As such, enterprises need to focus their attention on hardware security as the first line of defense. Sepio Systems’ Hardware Access Control solution (HAC-1) provides visibility of all hardware assets operating across the corporate infrastructure on both the USB and network interface. HAC-1 analyzes the Physical Layer to detect and identify all devices, and their true identity. This capability allows the organization to effectively enforce hardware access control policies based on roles and device characteristics.
When a device breaches the pre-set policy, HAC-1 automatically instigates a mitigation process that blocks the device. As a result, enterprises can minimize the risks associated with remote work at the first opportunity, and no longer need to rely on employees and ineffective security solutions to provide protection. As telework looks like the new norm, security departments need to ensure that the most efficient tools are deployed. Without them, the enterprise will become a victim to a hardware attack sooner rather than later – and a more frequent one at that.