How the Corona Virus Increases the Cyber-Attack Surface
How the world faces a series of personal Cyber-Security challenges
Comments, Feedback: Laurent Balmelli (Twitter Laurent Balmelli)
The Pain of Having a Fully Remote Workforce
Having an entire workforce confined at home is a staggering experience for most companies. In addition many workers are parents with kids to attend to.
Where I live in Switzerland, we are now required to manage ourselves daily school work and keep our kids focused in an environment where they are more used to play than study. Talk about a source of distraction for parents.
Even if many corporate IT teams are used to deal with a number of remote workers, there is nevertheless a number of aspects with managing a completely distributed workforce that presents new cybersecurity challenges that I am discussing here.
The Use of Home Computers on a Home Network
Companies that have not entirely equipped their workforce with mobile computing resources (laptops, tablets or smartphones), suddenly deal with a large amounts of new “endpoints”. The term endpoint refers to a new possible ingress to the corporate network and is dealt as a point of vulnerability.
Any home computer used for work that is not up-to-date (i.e. all security patches have been applied), uses an outdated operating system (such as Windows 7), contains the relics of an insecure history of browsing or is not under solid password management policies has become a threat to the corporate environment.
The network to which this computer is connected is also a concern. Many insecure machines could be connected to this network including IoT devices. So-called perimeter-based defenses are not under control anymore. This likely means no scanning of the network with an intrusion detection or prevention system, unknown firewall rules or possibly a firewall with an outdated firmware which provides a point of entry for an outside attacker.