Remote Workers = Increased Risk
During this time of minimizing physical contact to reduce the spread of COVID-19 many companies are promoting telecommuting, and increasing remote access of their organization’s network. This is inherently risky, due mostly to substantially increasing the number of threat vectors into their network.
Home devices can include personal computers which are commonly accessed by numerous family members in a household. Laptops that remote in are often used to visit a variety of other non-business sites and run personal software. Mobile devices that connect to a business network are typically running a variety of non-business applications. Each website visited, attachment opened, application accessed, or non-vigilant person using a device equals another potential threat vector.
Most households function with a simple unsecured modem and do not have a protective firewall in place. Today, most consumer-grade anti-malware and anti-virus protection software won’t even slow down hackers from penetrating an organization’s network. Another risk is cyberthreat protection on mobile devices is rarely utilized.
Many companies believe that using a Virtual Private Network (VPN) to securely connect from the end device to the business network assures safe access, but this is not completely accurate. A household or personal device may have been breached or may have malware in place that can then use the secure VPN connection to infect the network.
Securing Remote Access
Future Networking can work from the outside in, implementing VPN hardening to strengthen remote device connectivity, as well as assessing each endpoint to verify the device is clean. Alternatively, we can start with the security of the core network first. We’ll secure it from attack through remote monitoring, and other protections, and then expand out to the remote devices.
Either approach improves the security profile of the organization.
We can also assist organizations with establishing remote security policies. We utilize proven processes to deploy technologies that not only include secure connectivity solutions (VPNs, Multi-Factor Authentication [MFA], etc.) but also provide specific hardware as needed (firewalls, switches, laptops and PCs).
For those organizations that must meet compliance standards (HIPAA, CMMC, etc.) we align our entire approach, including documentation and reporting, to meet those requirements.
Secure Video Conferencing
Video Conferencing is not new. However, the 2020 COVID pandemic forced widespread and rapid adoption of it. This revealed the tool is as susceptible to exploitation and cybersecurity threats as any other connected technology. While many of the incidents were only awkward or embarrassing, others were highly offensive or allowed access to privileged information
The adoption of video conferencing to replace in person group meetings is unlikely to slow or be abandoned in favor of returning to in person meetings. The original drivers for adopting this technology still remain, it is far more efficient and cost effective. The reduction in travel expenses, logistics, and time were hard to ignore in the best of times. As organizations look to continue to find ways to reduce costs, improving meeting efficiency is hard to beat. Securing this tool becomes critical so organizations do not fall victim to data breaches, data leaks, or attacks on staff through offensive content introduced by malicious outsiders.
How can video conferencing be secured and still be leveraged as a vital tool?
- First, understand that security for remote communication is more important than ever. Current off-the-shelf apps, including video and chat software, are often riddled with security holes. They need to be configured correctly and secured.
- Second, plan for multi-person video conferencing to continue to augment and replace in-person and physical face-to-face, meetings. Robust security, technology, and connectivity will play an even greater role as time passes as malicious actors attempt to take advantage of this platform. It will require auditing and vigillance to stay ahead of threats.
- Third, immersive telepresence and videoconferencing will be used by innovative organizations to gain competitive advantage. Those most effective at using this tool for collaboration and productivity will find equal to or greater results than in-person meetings. They will be able to build strong teams through maintaining the human connection aspect of remote digital communication.
Future Networking provides Cybersecurity for videoconferencing and offers hardware and software solutions up to fully immersive conference environments. We can help organizations establish new solutions or audit and optimize solutions they already have in place.