Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Cybersecurity is Never Out-of-Office

Help Your Colleagues Take that Well-Earned Break

Things to consider which may help keep attacks at bay and allow everyone to enjoy their well-earned break

Help Your Colleagues Take that Well-Earned Break

Things to consider which may help keep attacks at bay and allow everyone to enjoy their well-earned break

Over the last year, up to two-thirds of us had to work remotely, and a significant number will continue to do so. This has caused a blurring of the boundary between work and home, with many people using personal devices for work use or work devices for personal use. Security teams have seen traffic increases on the corporate network for shopping, social media and online education. Introducing new policies to manage risk on corporate devices and monitor home-network traffic without encroaching on staff privacy has proved a tricky balance, attempting to remain vigilant, fully compliant and provide protection without affecting the end-user experience.

Now summer is upon us and, unlike last year, many folks will get to use their much-needed PTO to get out of the “office” and travel now that more countries are opening. But while workers need to rest and recharge, cybersecurity hygiene can never take a break. Summer almost always means fewer hands on deck as people set off for vacations but, this year, the added layer of the world beginning to open up a little may lead to even more skeletal skeleton crews. 

Add to this the complexity of supporting and securing systems now operating in a hybrid model with remote working still normal but staff also slowly returning to the office, the risk of cyberattack increases. We are too close to the holiday season. It is too late to implement complex new systems – but it’s never too late to start planning. So, what are a few things to consider which may help keep attacks at bay and allow everyone to enjoy their well-earned break?

Help Your Colleagues Take that Well-Earned Break

When we’ve all been working for so long, it can be hard to close the laptop lid and shut it down for a week. Many of us have already changed our working hours due to being remote, so being disconnected from colleagues can make some feel that being online is the same as being ‘there.’ 

A straightforward idea that can help employee wellbeing and cybersecurity safety is to run an internal awareness campaign on the importance of taking a proper break. Educate users on setting effective out-of-office messages, delegating activities and putting work on pause for a week. Not only will everyone feel so much better on their return to the office, but the security team’s workload is reduced if no one uses ‘free Wi-Fi’ in the holiday hotel or leaves their corporate phone unattended on the beach while they go swimming.

Enforce VPN, but Make Sure it’s Up to the Challenge

Advertisement. Scroll to continue reading.

Forcing people to use the corporate VPN is one way of better protecting access to sensitive information, as we all know that some people can never switch work off during a vacation. During the lockdown, many organizations upgraded VPN concentrators or even moved to cloud-based solutions to deal with additional scale requirements of remote working, so performance should not be an issue. However, vacation is not the same as remote-working because employees can be anywhere on the planet, attempting to use whatever Wi-Fi that is available at a given moment. 

Review which sensitive applications are available outside of the VPN, consider re-configuring access to only be available when using the VPN. One thing to remember with a VPN is that typically the software grants access to portions of the network inside the firewall, which can be a risk if the device accessing the resource is infected with malware. An excellent recommendation to enhance network access is to move to cloud-based solutions where possible, ensuring that multi-factor authentication is enabled and looking into a CASB (Cloud Access Security Broker) solution that provides highly granular access controls and reporting/auditing of user access.

Review Security Policies, don’t Over-Complicate

A security policy should be invisible to users with templates put in place to protect data in and out of the network and enforce rights over access to applications and settings. In the last year, new policies will have been created to support remote working and security teams needing visibility over remote workers. 

If policies become too complex, users will attempt to circumvent them. This is not an attempt to break security, but simply because they want to be as efficient in their job as possible and may feel that the burden of security slows things down.

Now is a great time to perform a policy review. Ensure that the VPN is enabled as needed, and DLP (Data Leakage Protection) controls protect sensitive documents without making it hard to view/edit them on a mobile device (a common problem!). The review may also highlight areas for future investment, such as cloud-based services or advanced threat sandboxes to help keep attacks outside the network.

And What About the Next Big Project?

Eventually, the summer holidays will be over, and after successfully protecting the business from threats, it is time for the security team to start planning its next project. 

ZTNA or Zero-Trust Network Access should be a strong contender. If you’ve not started already, it’s too late to implement for the upcoming holiday season, but with planning it could be ready for Christmas.

ZTNA is the concept of only providing the lowest possible level of access to users for them to complete their role, and ZTNA solutions grant the least permissions to specific applications and resources based on role or user and whether the resource is hosted in a cloud or data center location.

This level of configuration makes it much harder for an attacker to break in and steal data. At the same time, if a device infected with malware connects to the network, it is less likely to spread laterally or compromise other devices.

I hope that we can all take a proper vacation this year – whether it’s overseas or just camping in the back garden, the break is needed, and downtime is essential. Just remember that cybersecurity – and the bad guys – won’t take a break at the same time as you, but I hope that this article highlights that some simple steps can be taken to keep your business safe whilst you are out-of-office.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.