February 25, 2022

Remote Workforces Have Changed The Rules of Endpoint Security

Photo for Remote Workforces Have Changed The Rules of Endpoint Security

Remote and hybrid work became a new normal during the COVID-19 pandemic. If your organization faces this reality, you must ensure you have the capacity to support all remote access needs, so employees can access business-critical applications, collaborate with each other, and perform their normal day-to-day business needs — while keeping the network and devices secure. You must deal with a whole new host of challenges — and an increased need for strong endpoint security.

Graphic showing all the different parts of your network that need endpoint security

Remote workforces mean many more data-using employees are now outside a secure corporate network and need stronger endpoint security strategies deployed to keep data safe

Employees and contractors are now connecting to enterprises via home networks — often with no firewalls to protect their connection. This means security teams, already stretched thin, now must monitor and protect more devices —remotely. To complicate matters even more, remote work means more employees are using their personal devices to access corporate data. A report from HP Wolf Security found that 75% of office workers say that COVID-19 blurred the lines between their personal and professional lives — especially with the devices they use. Result: many employees now use the same device for both leisure and work — and even share devices with members of the household. “Bring Your Own Device” (BYOD) means employees add levels of security risk as they work.

The devices employees use to access business-critical data are sometimes the same ones they are using to download games, stream videos, or lend to their children for online studying.

Graphic stating over 80% of IT decision makers think remote workforces increase the chance of corporate breaches

The dangers of BYOD policies are many

Securing the increased number of devices accessing corporate data — especially employees’ own personal devices not corporate-owned — can be difficult. With 71% of employees claiming they access more company data more frequently from home now than they did pre-pandemic, there are plenty of endpoints for hackers to attack.

It’s not a minor threat: 51% of IT decision makers have seen evidence of compromised personal devices being used to access corporate and customer data. Even printers are not safe — 45% of IT decision-makers say they’ve seen employees’ home printers used to launch attacks.

Remote work is here to stay — and companies must deploy strategies, processes, policies, and tools to increase endpoint security

Around two-fifths of officer workers expect to be mainly working remotely post-pandemic — or at the very least in a hybrid model between home and office. Now that employees have had a taste of working from home, many do not want to go back to the office full time.
Graphic stating 39% of workers expert the will continue working remotely in the post-pandemic world
How can businesses secure their new expanded perimeters to include remote workers and BYOD environments? IT departments must establish policies and train employees to keep devices and network connections secure. The best policies must address personal device issues:
  • How data should be transferred to company servers
  • How often corporate data should be deleted
  • How corporate data should be stored
  • How to encrypt and secure corporate data
  • Which data and applications can be processed

In addition to creating these policies, IT security teams must address these common remote work security threats:

  • Unsecured networks: IT security teams need to train remote staff on the threats from using their home Wi-Fi networks, where many people leave their Wi-Fi passwords to be protected by factory-default passwords — or worse, no passwords. Cyber criminals can easily set up “evil twin” access points that can fool users into connecting to them to steal sensitive data. IT security teams must ensure remote workers change Wi-Fi passwords, update firmware, and use strong encryption to keep connections secure.
  • Phishing and malware: Employees need to be trained and alerted to the dangers of phishing and malware — implore them to check for encrypted website connections, verify site ownership, and avoid storing sensitive information on untrusted websites. Make sure they use extreme caution with any unfamiliar sites asking for login information — and never click on links or download attachments from untrusted sources.
  • Unpatched Virtual Private Networks: Cybercriminals are using advanced methods to scan for unpatched VPNs with known vulnerabilities — giving them another on-ramp onto corporate networks. IT teams must ensure VPNs have been properly patched and use authentication to regulate access to corporate resources.

Wise up to new endpoint security best practices

COVID-19 changed the way we work suddenly, so it can be challenging to follow the latest best practices to keep you safe from cyber attacks. Talk to FiberWave today for a free security assessment — we offer telecom and IT wisdom to make sure you get the best-for-you processes, policies, and tools to keep endpoints, data, and remote workers safe.