We are all working from home now. At least, in the technology world that seems to be true. What does this mean from a security standpoint? Here are a few thoughts:
Technology workers (programmers, project managers, customer support staff, pre-sales engineers, etc.) are generally pretty comfortable with remote work. This is the result of a multi-year trend driven by talent shortages, distributed organizations, and outsourcing. However, traditional finance and administrative workers tend to be more office-centric. They are rapidly adjusting to working at home and figuring out how to balance work in a home environment. Kids in your space? Yup, it’s a big adjustment for everyone when you suddenly move from office to home.
With COVID-19, we are working from home to better protect our colleagues, our families, and our friends and community. It is critical that we practice physical distancing and get it right. It is truly a matter of life and death.
I believe that there are security implications to this change, too. Corporate systems are at more risk.
When we move workers from the office to home, we expand the attack surface. Our home PCs and networks have probably not had the same security scrutiny that office systems have. But those home PCs now have access to the corporate network. There is a lot of use of VPN, Remote Desktop Protocol (RDP), and terminal emulators like GoToMyPC to get connectivity. I think in a lot of cases the security exposure has increased as we deal with the COVID-19 pandemic.
We need to take this expanded threat to our corporate systems seriously. Cybercriminals will happily use any new weakness to access our sensitive data. It may be a lot easier to break into your home network and jump to the corporate network. Here are some things you can do right away:
- Start reviewing home PCs and networks the way you would internal systems, beginning with your system and network administrators, who often hold highly privileged credentials. Create a special team to get this done as quickly as possible.
- Make a prioritized list of your application databases that hold sensitive data. Or, if you have the list, do a quick review and update as needed. You probably have some databases that are easy to protect with encryption and good encryption key management.
- These databases are fast and easy to protect: Microsoft SQL Server (TDE), MySQL, MongoDB, and Oracle Database. You can get these common databases under encryption protection very quickly.
- Do you use VMware for your IT infrastructure? You probably do. Encryption of VMs and vSAN is very fast and easy to implement, which makes it a quick win.
- Get management buy-in. We all know that we have an emergency on our hands. Enlightened management will get on board quickly. They are going to have to approve new human resource assignments and some new budget.
We are in uncharted territory with COVID-19. Here at Townsend Security we are committed to helping you survive this challenge. We will help you get the data security you need. Just talk to us.
Patrick