Remember nearly 9 months ago, when you hastily closed up your business and sent your workers home? What was meant to be a 15 day lockdown has grown into an ongoing situation few could have predicted. Many organizations have found the personnel they released to work remotely at the onset of the coronavirus are still working from home – whether out of an abundance of caution from the company, or a personal choice. While parts of Florida have all but cancelled stay-home orders, some have not; and many states are also still under strict lockdowns. For organizations will employees in areas that going to work is still not possible, remote networks have been built and maintained. For many, a VPN (virtual private network) is utilized to reach corporate data, whether in your data center or in the cloud. But experts have flagged VPNs as possibly the top security risk of the COVID era.
These risks stem from the fact that a home network has far fewer controls than a corporate environment. Employees may be using a home computer instead of a company issued device; or have their home network attached to a corporate VPN. In what may be the most dire scenario, your home employees may be connecting to your secure data network with consumer-grade VPNs. While some of the consumer VPN packages may be completely secure, many are not; with servers based in countries that have known disagreements with the United States.
Why is it dangerous to have the family computer linked via VPN to your data network? A home computer which is used by the family is open to a whole host of risks. Imagine your pre-teen hops on the computer in the evening, and downloads a bunch of games and software fraught with malware. The malware now has access to your network.
Your home network may also be utilizing the VPN connection for internet access which provides the family with all the games and social media they wish. The security risk is that these games are downloaded through your corporate network, meaning that your organization may be responsible for the content your family is accessing.
We Weren’t Ready for It
“The vast majority of organizations were not prepared for 100% work from home on a cybersecurity basis,” said Sultan Meghji, CEO of Neocova. “You had a VPN designed for emergency or off hours. Now it’s being used for significant use.”
The home office infrastructure was never designed for maximum security. Experts see the threats evolving quickly, as hackers can target high-quality targets, such as company executives, through their less-secure home networks. And as the crisis continues and threatens to reemerge this winter, companies may be forced to reevaluate the situation. Many executives are looking at work-from home scenarios as a permanent adjustment to their culture, necessitating more stringent home office protocols go forward.
It’s not all negative, however. With sharply decreased overhead and improved employee morale, many are seeing the shifting workplace as a positive move in the future of the organization.
Going Forward – Facing the Security Risk Head On
In general, people are motivated to self-manage the security risk if they are properly trained and understand the processes you have initiated for your organization. Education on upgrading their home infrastructure will go a long way to protecting the organization. Opportunistic hackers and cyber criminals are looking for lax home networks to capitalize on, so ensuring your employees have state of the art routers and secure VPNs is a must. It is typically in the company’s best interest to buy the necessary equipment and licenses. The upfront cost in the short term can pay off massively if it prevents a data breach or hack of sensitive corporate data.
While it all may seem overwhelming, there are people who can help. Alliance IT is a professional managed services firm who can assist you to solidify the transformation from centralized office to remote workforce. If you are in the Sarasota area and would like to discuss the possibilities, call Alliance IT today.