COVID-19, The Silent Hacker

Written by

Before COVID-19, remote-work was considered a privilege, not a right. Business leaders worried about how managers could know whether employees were productive without seeing them at work. As the pandemic forced businesses to rethink their workforce logistics, it became apparent these assumptions were wrong. The technology to work from anywhere was available. Many of us turned out to be workaholics, working nearly 2.5 hours a day more, according to NordVPN, a New York-based company providing virtual private networks (VPNs) to businesses.

They found that the United Kingdom and the Netherlands stood out, with employees working until 8pm, regularly logging off later than usual and significantly more productive employees.

This shift in working came at a price. IT departments were stretched in their efforts to roll out equipment to meet staff requirements for home working. This manifested itself in the lack of laptops to purchase. Companies rushed to increase licenses for endpoint connections. Then there was the support burden, with IT finding it impossible to support, configure or simply understand all the devices being connected to the network; it was BYOD on steroids!

In this rush to go remote, even users did what they could to get at the information. Often, they would email documents or use public cloud to move data around. This was commendable in terms of tenacity but is coming back to haunt many organizations, as they realize that data has been copied multiple times and do not know where it is. Additionally, shadow IT has always been a problem, especially for data security. Having data scattered around means it is out of corporate control and, if sensitive, highly damaging to the business, either in loss of IP or possible fines due to theft.

Another risk is failure to comply with a GDPR Subject Access Request, which are growing in popularity. With data scattered, where do you start? If data is missed, the organization can face severe fines from the ICO.

It is not only shadow-IT that COVID-19 has hacked. Many individuals used their own devices to connect to their office. Possibly the same device their children used for remote school lessons. Uncontrolled access to a PC, or similar device, meant that data could be leaked or corrupted, either unintentionally or by malware downloaded by the child. IT support could not install endpoint protection quickly enough or found that the device was too old; worse still, they got caught up with legal and HR departments with issues surrounding monitoring a personal device.

Now that things have settled down and companies are thinking about their long-term options for flexible working wrestling back control of the corporate data assets must be a priority, with data security and integrity being the guiding factors.

Three starting points to consider are:

  1. Deploy a data discovery tool to search out PII, IP, classified data, HR records, etc. These tools can be configured to find the data and move it to a secure location where it can be encrypted, classified and alerted by the relevant parties. From this point, the data can be de-duplicated and even traced back to find where it originated, and policies can be put in place to ensure that no other data is stored there.
  2. Review the remote access solution in place to ensure it is secure and flexible enough to meet the business needs. Most companies have extended their firewall to allow a VPN but have not deployed multifactor authentication. Another option is to use remote desktop technology. The benefit of this is the business can control where users store data, which removes the shadow IT issues and brings data management back to the company. These systems can scale rapidly should demand exceed expectations, and it supports all forms of the device, even out-of-date devices running old operating systems.
  3. Integrate data backup and disaster recovery systems to include remote devices. This strategy can add extra protection by protecting endpoints against ransomware, rogue applications or unusual behavior. Also, if a device needs to be replaced, images can be restored onto a new machine remotely, significantly reducing the workload on the IT support team.

COVID-19 continues to have the ability to disrupt business. Employees have been awoken to the advantage of flexible working; they have been introduced to the concept of TWaT's (working Tuesday, Wednesday and Thursday) and will demand the option to work from home or will look to join organizations that offer such flexibility. So, now is the time to put in place a system that can empower flexibility in working without driving support teams into the ground and keeping the corporate data safe and secure, not scattered to every nook and cranny of the internet.

What’s hot on Infosecurity Magazine?