After many companies were forced to go remote or partially remote in the face of COVID-19, businesses’ networks are becoming wider and more disparate. This change is also driving a widespread cloud migration and an increase in devices – many of them personal – connecting to corporate networks.
October is National Cybersecurity Awareness Month. To address these changes and the risks they create, this year’s theme is “Do Your Part. Be Cyber Smart” with a special focus on securing connected devices. This blog covers endpoint protection in remote and hybrid-remote environments and the importance of remaining “cyber smart” with device protection.
The Importance of Endpoint Protection
Keeping your company’s proprietary data protected when working remotely requires constant effort, and it’s important to stay vigilant. The average cost of a data breach in 2019 was $3.92 million – a staggering figure that would frankly put many companies out of business if a breach were to happen to them.
As BYOD policies and remote devices connecting to the network proliferate, businesses need to prioritize endpoint security. Not taking the time to secure the devices used to access company data can create vulnerabilities that hackers are trained to spot and exploit.
Companies should make sure all employees understand the importance of cybersecurity, including their personal security responsibilities and the risks of not following best practices. Security awareness efforts should focus on remote and partially remote employees, making sure they have the proper training and resources to follow end-user best practices. We recommend starting with those listed below.
Help Employees Be Cyber Smart With End-User Best Practices
1. Use Multi-Factor Authentication
Cybercriminals take advantage of the fact that many people reuse the same password across multiple applications, recycle passwords after one or two cycles, and opt not to change their home router passwords from the default. According to the Verizon Data Breach Investigations Report, compromised passwords are responsible for 81% of hacking-related breaches.
To reduce the risk of a cyber sleuth gaining access to employees’ username and password information, create password requirements (i.e., must be longer than 8 characters).
Further, passwords should be just one of multiple authentications steps. Devices, applications and important accounts should be protected with multiple layers of authentication, like a password and a passcode texted to the user’s phone. With multi-factor authentication (MFA) in place, even a compromised password won’t grant access to someone’s account; the hacker would also need access to the user’s phone, email, fingerprint or other personal data to gain access.
Some MFA solutions, like Cisco Duo, consolidate logins securely with a single-sign-on feature, so employees aren’t burdened with MFA requirements for every login.
2. Use AntiVirus Software
Whether it be a smartphone, tablet, or laptop, cybercriminals are looking for ways to infiltrate your devices to insert harmful malware or ransomware.
Utilizing an antivirus software on any device used to access company data will significantly decrease the risk of that device becoming infected with a harmful virus. If your employees are using a personal device for work, even free antivirus software will help thwart cybercriminals.
3. Keep All Software, Operating Systems, and Applications Up to Date
As quickly as manufacturers and developers can develop a patch to circumvent a security threat, hackers can develop a new batch of harmful malware that exploits another unforeseen gap in security. Keeping up with manufacturer patches for the OS of devices and software upgrades for your critical business applications puts you one step ahead of these cybercriminals, significantly lessening the chances your device will be targeted.
4. Always Use a VPN or Encryption
One of the ways cybercriminals access data and company devices is through vulnerabilities found in the Wi-Fi networks that connect to business files and applications. Connecting to public Wi-Fi opens you up to a whole host of potential risks, including rogue networks, worm attacks, snooping, sniffing, and more. To keep your personal and company data secure, make sure employees only connect to Wi-Fi connections they trust. If this isn’t an option, they should use an encrypted tunnel like a VPN to access company data.
5. Stay Vigilant to Prevent Phishing
Phishing and spear-phishing attacks are at their highest level in the last three years. These types of cyberattack use social engineering to gain access to personal and corporate email accounts.
The most common form of phishing includes embedded links or attachments that contain harmful malware or ransomware that appear to come from a trusted source, like an HR department, manager, or personal contact.
Spear-phishing is becoming increasingly popular as well. It was responsible for a recent Twitter hack, where bad actors successfully targeted specific employees with spoofed phone calls.
Many companies are issuing refresher courses on phishing awareness for their employees. To help employees stay cyber smart and stay safe from digital predators, make sure they follow these guidelines:
- Always verify the sender’s name and email address. If it looks weird, suspicious or different from the norm, don’t open the email.
- Do not click on any links or open any attachments if you don’t recognize the sender.
- Beware of non-email phishing, like people asking for login credentials on the phone, through text or in-person.
- Change your email password often, and avoid recycling passwords.
- Report any suspected phishing to a supervisor or IT.
If you’d like to learn more about email security and anti-phishing best practices, our post, How To Protect Your Business From ACH Phishing, is a good place to start.
End-user best practices are only part of the larger security picture. Most businesses have devices that aren’t assigned an end-user – like printers, scan guns, thermometers, security cameras, manufacturing machines and more – connecting to the network as well.
Just like an employee laptop, any of these connected devices could give the wrong person access to the network without the proper precautions. Further, remote and partially remote setups mean that people may be in the office less often to check and monitor some of those connected devices in-person, opening a wider attack window for hackers to exploit.
In addition to end-user best practices, companies should take the following endpoint security precautions as well. Note that these should apply to all network-connected devices, including those assigned to an end-user.
You can’t effectively protect devices you don’t know about. Before jumping into the specifics of non-user-driven endpoint security, companies need to make sure they have an up-to-date inventory of all devices connecting to their network.
A device inventory should include patch and update history, a patch/update schedule, any known upcoming patches or updates, known vulnerabilities, location, usage, identifying information (i.e., IP address and serial number), and EOL (end of life) dates.
Rigorous Firmware Updates and Patch Management
Often, updates tend to take priority on user-assigned devices. However, companies cannot afford to let firmware updates and patching on other connected fall by the wayside – especially in this new environment of heightened risk and the disparate workplace. We recommend using your inventory as a record-keeper and following patch and update schedules rigorously.
In a remote or hybrid-remote environment, it’s more important than ever to appoint specific people to complete tasks so they don’t get missed. Make sure everyone knows who’s responsible for patching and updating connected devices.
Encrypt Devices Where Possible
Again, encrypting devices like printers and scanners might seem low on the priority list; however, neglecting any network connected devices creates security gaps. Companies should encrypt the devices and applications they can – including employee-issued devices. For devices that cannot be encrypted, consider replacing them with alternatives or only connecting them to the network when they are needed.
Consider a Comprehensive Network Security Solution
To address emerging security threats and the significant risk they pose, many companies invest in a comprehensive network security solution. Some, like Cisco Umbrella, use machine learning to learn what normal and abnormal activity look like on your network and intelligently detect and stop threats before they occur. As disparate networks become more prevalent and necessary in today’s business world, this is becoming an increasingly popular option.
Partnering With Security Experts
Following the endpoint security best practices on this list is a great start to shoring up your company’s security efforts. However, many businesses partner with an IT security provider to make sure they’re being cyber smart – especially when in a new remote or hybrid-remote environment.
ZAG Technologies is a leading IT security consultant with experience securing remote environments. To learn more about their security services, visit their overview page.