Working from home is not a new idea. It has been around for a while, with many organizations deciding not to adopt that work dynamic due to cybersecurity or general employee performance concerns. However, the COVID-19 pandemic has forced many organizations to require their workforces to operate from their homes. For some employees, this is nothing new. Still, remote work is a unique and challenging operating model that requires adjustments to work behaviours for those who regularly interact with high-risk controlled data and systems.
When employees work from home, the nature and scope of cybersecurity threats indeed change. New types of risks emerge as employees rely on home computers (often infected with malware), home routers, personal mobile devices, and unsecured Wi-Fi networks to carry out their duties. As a result, organizations must continue to evaluate their implementation of remote access to ensure that their infrastructure is robust to prevent unauthorized access to company resources and mitigate the effects of these emerging cyber risks and threats.
Remote access, in this instance, is the ability of employees to access the internal network of an organization from home through a network connection. Employees can access files and other network resources from any connected device with remote access as long as the remote access system supports it, which is why remote access security is vital to maintaining cybersecurity as employees work from home.
An essential first step to assessing remote access security is to conduct an audit. Here are some key elements you should include in a remote access security audit.
- Penetration Testing – Connect to the network like an employee does and attempt accessing restricted internal data and systems. Also, scan for vulnerabilities on systems that employees can legitimately access to ensure attackers cannot exploit them.
- Remote Device Testing – Test samples of the remote devices used by employees (whether BYOD or company-owned) to see what security measures are running, whether the device is infected by malware or has other security issues such as missing security patches or updates.
- Check Protocols and Authentication – Identify how employees connect to the corporate network and how authentication is performed. Ensure protocols are secure and encrypted, and authentication is strong and cannot be bypassed easily. Be sure to evaluate the entire remote access system using company policies and compliance requirements for reference.
- Governance – How are company policies enforced across remote employees and devices? Are governance policies applied automatically? or set manually by administrators, which could lead to human error and security gaps?
- Logging and reporting – Ensure that any activity by remote devices is appropriately logged and the organization can generate reports and audits required by its compliance obligations.
Organizations that work collaboratively with their remote employees can effectively identify, mitigate, and remediate potential security and privacy threats while minimizing intrusions and impacts into their workers’ personal lives and home environments. Though not an exhaustive list, it is essential to consider these points when auditing remote access security, as working from home becomes a standard feature on audit plans.
Date: 28 October 2021
Author: Lomar Lily
ISACA Kingston Chapter 