When the coronavirus pandemic hit, the worldwide workforce needed to make the rapid transition to work from home. This means businesses needed to transform their security perimeters practically overnight, requiring IT leaders to rethink the way they protect their organizations.
Remote Work Challenges
Even before the pandemic, organizations were working on security protocols that included both on-premises and remote work due to a major upward trend of working from home.
Analysis from FlexJobs and Global Workplace Analytics show that in them span of one year, from 2016 to 2017, remote work grew 7.9%. During the last five years it grew 44% and during the previous 10 years it grew 91%.
These numbers reflect that remote work is here to stay, whether due to a crises or societal shifts in the workforce. Companies are now faced with how to manage the security challenges posed by remote workers. Remote access solutions require organizations to expose service from their premises and allow internet access to it. Exposing critical services on the internet makes them vulnerable to service disruption from DDoS attacks.
Now that our current situation has placed the bulk of the workforce at home, how should security protocols change?
Again, even before the Coronavirus crisis, many companies were on digital transformations to more their applications and infrastructure to the cloud. Amazon Web Services, Microsoft Azure and other service providers have all become critical hosting providers. Companies are moving to the cloud to be more agile and flexible, increase infrastructure operations and to be more responsive to customers.
But this agility comes at a cost because public exposure of assets leads to new threats, previously unknown with premise-based computing. Computing resources hosted inside an organization’s perimeter are more easily controlled. When those same resources are moved to the public cloud, they are no longer under the direct control of the organization. Administrators no longer have physical access to their workloads. Even the most sensitive configurations must be done from afar via remote connections. Putting internal resources in the outside world results in a far larger attack surface with long, undefined boundaries of the security perimeters.
As organizations gain more remote workers during these coronavirus times, what best practices should IT be implementing to help organizations mitigate the emerging risks while embracing a remote workforce?
Here are four key best practices for organizations to adopt, in order to secure remote work:
- Ensure your user authentication is strong and well configured – make sure a strong password policy is put in place, requiring strong passwords, periodic password rotation and that multi-factor authentication is required.
- Ensure none of your assets are exposed to the public unintentionally – make sure all assets are protected, and that remote access ports (such as SSH and RDP) are closed, as well.
- Ensure entities access permissions incorporate the principle of least privilege – make sure IAM policies require access keys, that no account is granted full “*.*” administrative privileges, and that unused accounts are closed-down.
- Ensure your logging configuration is correct to get a better visibility of your public cloud – make sure logs are turned on and collected for network and storage access, and that you keep full records of all transactions in you cloud environment.
While COVID-19 is (hopefully) a passing event, which will soon be behind us, it has accelerated the shift to working-from-home, a trend which will likely become a permanent fixture in our professional lives. However, much like cloud computing in general, working from home presents security challenges related to the particular nature of remote work. Adopting the best practices listed above will go a long way to securing organizations against the security challenges of remote work, and decrease the risk of unauthorized access.
Note: A version of this article first appeared in the Journal of Cyber Policy.