Kroll’s remote work security assessment identifies vulnerabilities of work-from-home employees and networks, and provides guidance on minimizing the risks posed by a decentralized network often complicated by personal devices and unstructured environments
Thousands of employers and millions of employees made a nearly overnight transition to a remote workforce earlier this year. Now, with companies seeing benefits that include greater efficiency, cost savings and better work life balance, many are maintaining remote work for the foreseeable future. A recent study found that 55% of executives expect their organizations will offer remote work opportunities after COVID-19 is no longer a threat.
Any time you make a major change to your infrastructure like the shift to remote work, where large numbers of employee PCs and devices are no longer behind the office firewall, the attack surface for cybercriminals expands and the potential for risk increases. Kroll has helped several organizations recover from attacks that originated from the exploitation of security vulnerabilities in remote work applications like VPNs.
A recent survey by Leonne International found that 33% of UK businesses say they lack the technology infrastructure to manage security issues with working remotely during the COVID-19 crisis. Yet data confidentiality and physical security are essential, particularly if remote employees work with patents, medical records, loans or any type of sensitive data.
Proactive Measures to Reduce Work-From-Home Risks
Management must actively evaluate physical and cyber security for sensitive data that remote workers access to ensure data remains protected. Remote work cyber security challenges and working from home concerns include the use of:
- Poorly configured VPNs
- Bring your own devices (BYOD) policies that allow devices to operate outside of corporate IT
- Corporate devices shared with children or other relatives, increasing susceptibility to malware
- File sharing products like Dropbox to store sensitive documents that can be difficult to monitor
- Printed hard copies of sensitive documents that can be viewed inadvertently
- Shadow IT systems that are invisible to corporate IT
Once your organization pinpoints potential vulnerabilities, you must adapt your security controls to new remote work configurations and sufficiently harden your systems against network-based attacks to reduce risk.
Kroll’s Remote Work Security Assessment Ensures Remote Devices and Data are Protected
Kroll’s remote work security assessment evaluates your organization’s cyber and physical document security. We methodically review your existing and new policies for securing a remote workforce as well as interview your IT, information security and typical remote workers to identify where your defenses are strong and where vulnerabilities exist that bad actors can exploit. At the end of our assessment, we provide you with a prioritized, customized set of security tips for working from home and an executive summary for management to help your organization address security deficiencies in your remote workers’ physical and cyber security systems.
Based on frontline experience dealing with over 2,000 cyber incidents every year, our seasoned experts look at nine key vectors of remote work vulnerabilities related to people, process and technology: