Protecting Remote Workforces from Security Threats

Recently, IT services providers have had to react quickly to major shifts in the way workforces operate. Instead of supporting one office per customer (or a handful for larger customers), they’ve transitioned to supporting multiple offices per customer as each customer’s employees operate from their home office.

While this near-overnight shift required massive efforts, IT services providers brilliantly rose to the occasion. The first phase of supporting such a shift required getting customers up and running so productivity remained high. Now, we’re moving into the next stage, which requires IT services providers  to focus on shoring up their customers’ cybersecurity defenses as they work from home. Today, we’ll cover some tips for protecting a remote workforce.

What new challenges do we face?

Before we talk about tips, we should take stock of how the threat landscape may shift in response to the move toward mass remote work.

  • Stress: Many employees switched to working from home for the first time nearly overnight. They dealt with the stress of setting up their home office, losing their routine, and keeping kids occupied (if they have children). Add to this the general stress brought on by listening to the daily news and you unfortunately have a recipe for people to let their guards down. We’ve already seen some scammers take advantage of the news cycles to trick people. Now more than ever, users have to be extra vigilant with security.
  • Increased attack points: Instead of most of the workforce working within a single office combined with a few stragglers working remotely, cybercriminals now have quite a few “satellite offices” they can compromise. If they can compromise a user’s home office, that could potentially give them a foothold into the wider corporate network.
  • Varying security levels: Beyond this, each home office will likely have differing security levels. Routers can be old. Malware-infected devices could come onto their home network and reach out to other devices. Users may have set up their network with weak passwords or poor configurations. This makes managing corporate assets trickier with all the added complexity and uncertainty.

Protecting a remote workforce

Related: SolarWinds Endpoint Detection and Response (EDR) -- get more info.

While the above challenges certainly complicate things, IT providers have solved plenty of complex problems before. These challenges should provide a good sense of what to prioritize. That in mind, here are a few tips:

  • Secure your VPN: Increased reliance on VPNs mean cybercriminals will attempt to attack vulnerabilities in these services. Now’s the time to make sure you’ve configured your VPN for security—use the strongest authentication possible, enable robust encryption, and enforce strong passwords. Use multifactor authentication (MFA) when connecting to the VPN as well. It offers a direct line to some of your valuable assets, so make sure everything is set up. (Also, remember remote desktops aren’t good replacements for VPNs.)
  • Training: Right now, users could both use a refresher on their security training and updated guidelines for working from home. For starters, give them helpful tips on securing their own home WiFi like using strong passwords and enabling firewalls. Also, make sure to remind them to be on guard against social engineering scams like a phishing email attempting to give updates on breaking news items in exchange for user credentials or to download malicious software.
  • Keep up the fundamentals: Also, continue practicing the foundational security practices you’ve always practiced, including patching endpoints, running regular backups, testing for recoverability, and using secure email gateways to protect against spam. It also helps to automate as much of this preventive security as possible so you can keep customers protected even if you face an overwhelming influx of tickets.
  • Focus on the endpoint: We already mentioned the importance of teaching customers how to secure their home network. However, you still have less control over this than you would your corporate network. This requires you to put extra emphasis on endpoint security—protecting individual devices reduces the risk those devices will infect your corporate network. In particular, using an endpoint protection solution driven by artificial intelligence can help you automate a good portion of protecting these distributed devices. These solutions not only help you catch malware (without having to wait for signature updates), but they also look for other types of attacks like fileless malware and malicious scripts. Plus, with so much automated, it saves on some of the potential upkeep.

Keeping them safe

Maintaining business continuity for a distributed workforce can be challenging, but it’s certainly doable. And many IT providers have adapted well to the new environment. And now is the perfect time to make sure you help customers fortify their own security.

MORE Info: We mentioned the importance of AI-driven endpoint protection. SolarWinds Endpoint Detection and Response (EDR) uses AI and machine learning to help safeguard endpoints from malicious behavior. The AI-approach from EDR allows you to skip having to keep up with AV signatures or worry about a gap in signature coverage. Plus, it allows for automated rollback to a known safe state after a ransomware attack. Learn more today.

Guest blog courtesy of SolarWinds MSP. Read more SolarWinds MSP blogs here.