Protecting Your Customers’ Weakest Security Link: Remote Workers

Employee behavior has always been a vital part of SMBs’ security challenges. With so many workers now working remotely, these challenges have intensified.

Working from Home

The saying “a chain is only as strong as its weakest link,” comes to mind anytime the topic of remote workers comes up. Even before the pandemic and the need to physically distance workers to slow the spread of the coronavirus, employee behavior was a top concern for IT solution providers.

A 2017 study conducted by Dell that surveyed professionals who handle confidential data at their companies, revealed 72 percent of employees were willing to share “sensitive, confidential or regulated company information,” mainly to do their jobs more efficiently and effectively. Additionally, the survey found that 45 percent of employees admitted to engaging in unsafe behaviors during the workday, including connecting to public Wi-Fi to access sensitive information, using personal email for work, or losing a company-issued phone or computer.

With the current pandemic situation, there’s now an added layer to the mix: a lot more of your customers’ employees are working outside the corporate security perimeter, making it more challenging to “see” and protect their computer activities. It’s more important than ever that both IT professionals and remote workers take the necessary steps to prevent data breaches and cyberattacks.

Infoblox recommends that partners implement the following guidelines and best practices to ensure the security of their corporate data and networks while employees are working from home.

Develop (and communicate) cyber safety policies

Employees can’t be protected and held accountable if they aren’t given expectations for security hygiene when working remotely. Make sure your customer has cyber safety guidelines in place, so everyone has the same expectations. It’s also critical to make sure the IT team is engaged with remote workers to identify where productivity bottlenecks might occur as a result of the security tools or policies. If the procedures are too cumbersome, employees will find a way around them and create new vulnerabilities. Security must not suppress productivity.

Some of the essential areas to address in your customers’ cyber safety policies include:

  • Computers. Your customer needs to know whether their employees are using company-issued computers or personal devices to do work, and so do you. The old adage is still true: you can’t protect what you can’t see.Minimally, employees need to use strong passwords (e.g., at least 12 alpha-numeric characters), and their devices should support multifactor authentication. Preferably devices should be also secured with biometrics (e.g., fingerprint or retina scanning). Additionally, users’ computers should be equipped with antivirus software and free from potentially harmful apps such as peer to peer filesharing apps that are notorious for being conduits for malicious malware. partners also need visibility into these devices to ensure the OS and other software patches are kept up to date, as this is the primary attack vector for cybercriminals.
  • Email best practices. Email is another primary attack vector for cybercriminals, and it comes in a couple of forms:
    • Phishing attacks — These are emails sent from legitimate-looking companies, such as a bank or mail carrier service, that contain links or attachments that unleash ransomware or other malware on the victim’s computer and network.
    • BEC attacks — Business email compromise occurs when a hacker gains access to a user’s account and takes it over for nefarious purposes, such as to ask an employee for sensitive company information or to wire money.
  • Cloud-based shadow IT. SaaS-based shadow IT is another serious security problem for remote workers, and it isn’t just nefarious peer-to-peer cloud apps that are the issue. Legitimate apps like Zoom and Dropbox can create security compromises (e.g., “Zoom bombing”) if they’re not configured correctly. Solving these potential pitfalls requires companies to define acceptable SaaS usage, and it requires employees to work with business owners and partners to be upfront with their needs for these solutions. partners should also use advanced tools that give them DNS-level insights into these apps, so they can better monitor and manage them.
  • Implement roles-based access to data. Accidental data sharing is much less likely to occur if users can’t access data that isn’t necessary for their jobs. If there’s a breach or a theft of credentials, this approach can also minimize the damage.
  • Reinforce policies and procedures. Where possible, implement a reward system for compliance and identifying potential vulnerabilities and set up disciplinary measures for any violations.

Implement Integrated DDI with Advanced Security

To better protect their customers’ remote workers, partners should investigate solutions that leverage DDI, a term that refers to the domain name system (DNS), dynamic host configuration protocol (DHCP) and IP address management (IPAM) functions. These processes are some of the first services that a device contacts when it connects to a network, and can be used to provide critical security and visibility for IT teams.

Implementing an integrated DDI solution helps partners simplify and automate the management of the interactions between DNS, DHCP, and IPAM. These capabilities enable organizations to effectively cope with ever-increasing volumes of IP addresses and business dependency on core network services. DDI also can play a significant role in  next-generation network technologies like software-defined networking — a new approach to network architecture that facilitates an enterprise’s move to the cloud by focusing on automated provisioning and integration with cloud orchestration systems.

Ongoing Training is a Must

Giving users policies to follow and reminding them of best practices isn’t useful if it’s only a one-and-done event. Users need regular training and reminders for real changes to occur. Using a simulated phishing service is an excellent way for partners to keep security awareness top of mind. With these solutions, the partner sends simulated phishing emails to users, and the partner is alerted when a user takes the bait and clicks a link or opens an attachment. These programs give partners additional visibility into their customers’ security hygiene and help partners focus their training on users who need it the most. Training programs also can become a source of incremental revenue.

As networks continue to be more decentralized and more employees take advantage of the benefits of working from home, securing workers from malware and other cyber threats will remain a challenge. Emphasizing and implementing these security solutions and cyber safety best practices for working from home will help ensure your customers’ employees stay safe from cyber threats, no matter where they’re working.