Many organizations are shifting to hybrid work models because of COVID-19. This model brings with it some unique security challenges. In this blog, we are going to walk through some current and anticipated future security risks we see with the hybrid work model, along with some high-level recommendations on remediation.
Changing Perimeters and Endpoints
From a security perspective, one of the biggest challenges with COVID-19 and work-from-home is moving perimeters and endpoint security. When the pandemic hit, your perimeter moved from being the actual perimeter of your location within your environment all the way back to the terminals. Organizations went from a simple view of where the perimeter was to one where the perimeter became the endpoint, all users, and all data.
This has caused significant security concerns around how that data is being accessed, transmitted, and stored. This is especially an issue in flat environments where getting in at one point can give you access to everything. It is critical to protect those endpoint devices that are now the absolute edge of your environment and make sure they are secure.
On top of the issues that organizations had with the moving perimeter, many also had to face challenges from bring-your-own-computing-platform situations. If organizations didn’t have laptops or portable devices for their workforce, or couldn’t purchase them when the pandemic hit, users ended up using their own devices to continue working. Suddenly, the company data was the perimeter because users were using devices that the organization couldn’t control.
In the past, data literally lived within an organization’s walls. Now, it’s everywhere. Given changing endpoints and BYOD risks, it’s critical that your security program focus on where the data is, how to control it, and how to secure it. One of the biggest challenges with remote work and BYOD is making sure that data isn’t leaking out of your environment. If you can track that, measure it, and establish solid controls, you are one step closer to mitigating those risks.
VPN and Remote Access Vulnerabilities
Organizations that had cloud-related infrastructure could leverage that to enable a remote workforce (though many found they had to change process and security around those cloud solutions to reflect the increased need from the workforce). Security risk around this cloud infrastructure goes back to securing endpoints, used devices, and BYOD situations.
Other organizations used (and still use) a more traditional approach of connecting to the home office – essentially to the data center you have within your facilities. Organizations are set up to have that user endpoint connect right back to their on-prem environment. That connection can increase the risk around your remote access.
When we look at trends in security vulnerabilities, the adversaries are focusing on this weakness. When we look at good targets from a technology standpoint, things that are remotely accessed (like email systems) are often on the list. However, VPN and other remote access solutions have been highly targeted over the last year.
In this case, it’s vital to ensure that patching and servers are up to date (we also consider this one of the top security gaps we’ve seen in recent years). It’s equally critical to evaluate authentication methodologies and use multi-factor authentication for remote access.
Return to the Office
At some point, it is likely that people will come back to the offices – though what exactly that will look like is difficult to say as the situation continues to evolve. When the pandemic happened in 2020, overnight we told our people to work from home, and almost no one had an opportunity to plan for the security fallout. But now, with a likely return to the office, you do have the opportunity to plan how you get people to securely return to the workplace.
As the hybrid and remote work landscape continues to evolve, the security team here at Core BTS will continue to monitor best practices so we can help our clients stay ahead of future security challenges. If you are looking for more information about how your organization can develop a progressive and holistic security program to address threats like this, then contact us today. We would be happy to help.
About the Authors
As the Director of Innovation of Core BTS’ Security Practice, Tim specializes in helping clients develop strategies that cover all aspects of their IT security. Having been in the industry for 20+ years, Tim has worked with numerous Fortune 500 companies in various industries on their cybersecurity assessments.
As the Director of Operations of Core BTS’ Security Practice, Justin helps organizations strategically maximize their security investments. With 15+ years of industry experience, Justin has led many Security Incident Response engagements – giving him a unique perspective on what cybersecurity threats organizations are facing.