IT security is firmly at the forefront of the Head of IT’s mind. Hardly a day goes by without a story in the media about data theft, ransomware, or a security exploit. The FBI estimate that malware exploits and general IT-related thefts are significantly on the increase.
They attribute it to the increasing use of remote working and working from home, which leaves loopholes in corporate IT security programmes.
The pandemic in 2020 forced many organisations to turn their development plans into survival plans. In retail especially, companies have seen their bricks-and-mortar stores failing because of the fall-off in foot traffic. As a result, staff have started to work from home, and companies have accelerated the move to e-commerce by creating a full-on online retail outlet.
From a business and an IT perspective, this is difficult to do and has resulted in many compromises along the way. Unfortunately, IT security in the broadest sense sometimes has been one of those compromises.
At this point, it must be stated firmly that IT security is not solely IT’s responsibility. Users have a great part to play in keeping corporate information secure. The whole cyber-security drive must be led from the highest levels in the organization to make sure that training, prevention and remedial programmes are in place.
It is not a question of if, but of when, the organization will be subject to a cyber-attack. Responding to the fall-out will be a company responsibility.
Where do security risks arise in the new world of 2021 and can they be ignored safely?
The biggest threats of remote working relate to the connection and the link. Remote users usually connect via insecure public WiFi or cellular connections. The connection must be an encrypted VPN connection with credentials required to access corporate data.
Remote working brings additional threats from BYOD, where IT cannot be sure what the remote user is attaching to the network, or of its anti-malware status. IT needs to recognize that BYOD is a major security threat, and take positive steps to ensure that it can control end-user devices, with the ability to scrub them clean of corporate data and forcibly disconnect them if that is needed.
IT must also be aware of and guard against the so-called “man-in-the-middle” threat.
The user must keep their link credentials secure, just as they do their bank card credentials.
Ignoring the security threats of remote working and BYOD is a recipe for disaster.
Working from home
The threats posed by working from home are similar to those of remote working. However, since working from home is more like having your office desktop PC transported to your home office, users working from home have access to a broader range of applications and data than road warriors using remote access.
The mode of access will also be different. Many homes nowadays are connected to the Internet via always-on fibre-to-the-home connections. Again, a secure connection using a VPN with log-on credentials is needed.
Users also need to understand that a home computer used by all the family for gaming and conversations with family and friends is potentially a serious security risk. A home computer with access to corporate systems needs to have anti-malware up and running, and up to date. A corporate policy that allows IT to inspect a home computer and push anti-malware software and updates onto it will be necessary. It may be necessary to create a separate user environment for work access to keep family and work use apart.
Allowing home computers to have free and unrestricted access to corporate systems is a great risk.
Two of the greatest increases in malware attacks have been DDoS attacks and ransomware. Some industry gurus have speculated that their increase is due to companies trying to prevent new e-commerce competitors from coming to market and gaining market share.
In an e-commerce environment, a customer will move to a competitor immediately if they cannot use your e-shop.
The FBI has stated that the only truly secure website is one that has not been hacked yet. The prudent organization will have mitigation and remedial policies and procedures in place that will be implemented if and when an attack happens.
IT must ensure that appropriate monitoring and alert software is continually scanning the network for attacks, and that staff are aware and ready to react. When a DDoS attack does happen, some organisations immediately divert all incoming traffic to an alternative hot-standby site, either one of their own or a scrubber that cleans their traffic and sends it back.
An organization that ignores the threats posed by ransomware and DDoS attacks puts its own survival at major risk.
Overall, it might sound a bit trite and scaremongering, but no security risk is truly minor, and none can be ignored safely.