First and foremost, our hearts go out to those around the world impacted by the COVID-19 virus. The director of the U.S. Center for Disease Control & Prevention (CDC), who advises the country on public health, has indicated that the risk to the general public remains low and encourages Americans to go about their lives. Businesses and local communities are taking a much more personal approach. Many business, schools, and other organizations are advising their employees to work from home and students to stay home or use online learning to prevent the spread of the Coronavirus.
We are seeing an unprecedented number of remote users on home and public internet services accessing their employer and school resources. This opens up these organizations to more risk from all of the remote users. IT departments are monitoring network bandwidth, VPNs, and access controls to make sure employees can still do their jobs. It is putting a strain on the organization infrastructure and the various internet providers.
From the employee’s point of view, do they have adequate infrastructure at home to work remotely?
- Are their internet speeds fast enough? When subscribing to a service, most users are looking for fast download speeds so they can stream content, but for a work from home scenario, the upload speeds are critical, too.
- What is their bandwidth cap? If one or more parents are working from home, kids are doing online learning because schools have closed (There are several instances of this.) and they are still streaming all of their TV and movies. That bandwidth cap can seem very small, and going over it can be costly.
- Is there a good area to work in? A desk for most jobs is optimal, but if both parents are working from home and the kids are doing online learning, then finding enough well-suited quiet places can be a challenge. Is everyone around the kitchen table?
From the organization’s point of view, is the infrastructure in place to support a remote workforce?
- Do employees have adequate resources to enable working from home? Laptops, chargers, headsets, remote desktop environments, VPNs, messaging, and phones?
- If all internal assets are over VPN, will it support the entire workforce connected at once?
- Is all internet traffic being forced over the VPN, and will employees be able to access home resources like printers?
- Can employees access hosted cloud-based applications when not on the VPN? Are they able to use shared office suites and cloud storage accounts to share and collaborate on documents?
- For remote workstation setups, can the servers keep up with demand? Is the latency low enough so the system is usable?
- How will employees communicate? Do all employees have access to web and audio conferencing accounts? Are chat programs in place?
- Do you still use printers and need to file hard copies of documents?
- Are you reimbursing any extra costs? What if an employee goes over their internet cap or cell phone usage?
Assuming the organization has everything in place, what are the additional security risks?
- Most home networks are not secure. It is estimated that most broadband connected homes have over 20 connected devices when you consider phones, laptops, thermostats, cameras, doorbells, Wi-Fi access points, modems, TVs, etc. Many of these are neither secure nor updated regularly.
- How are the organizations assets being secured? Do all of your security controls assume that the asset is on the internal network or VPN for most hours of the day?
- Is AV and Malware detection being updated remotely?
- Microsoft released 115 CVEs in March. Will your employees get these updates automatically?
- Are the new 100% remote assets being scanned for vulnerabilities?
- How are policies and hardening being enforced, and are new unapproved applications being installed on these assets?
- Are employees able to browse to malicious sites from home, or are controls in place to prevent them?
- What is the plan should assets become infected or get broken? Are there spares in place ready to be delivered or shipped?
Security departments need to be on high alert due to the impact of the Coronavirus. With the larger remote workforce, there is a much greater risk that someone will get breached or pwned. If security controls and updates only work when connected to the internal network or via VPN, then encourage employees to leave laptops connected overnight and change update and scan schedules to reflect the new hours. Enable captive portals to validate the security and policy compliance of a system before it is granted access to the network. And wash your hands!