Remote working & the risk of increased data breaches - comments from Professor Kevin Curran, senior IEEE member
July 2020 by Professor Kevin Curran, senior IEEE member
Remote working & the risk of increased data breaches – comments from Professor Kevin Curran, senior IEEE member and professor of cybersecurity at Ulster University
“Remote working raises the risk of increased data breaches for organisations. One of the biggest risks is an increase in ransomware attacks, which are a serious problem at the moment. Employees may be using non-standard email or messaging systems, which fail to properly filter out the emails which carry the threat. Employees could also be tempted to use public Wi-Fi without a virtual private network (VPN).
“Virtual private networks are a means to secure data between remote workers and core systems. In an ideal world, organisations would have a Zero Trust network system deployed. However, this can be difficult to implement in response to the current pandemic, as it should ideally be rolled out in a phased manner which entails pilot projects and tweaks in a safe environment before deployment. However, if an organisation has not yet embraced the concepts of privileged access and least privilege, or still uses shared accounts for access, then Zero Trust is probably not going to work.
“Mobile device management (MDM) is essential to mitigate risks on mobile devices. Some software now enables devices to connect to a cloud-based solution, which bolsters the existing support. Users can log in to these software’s with many different types of accounts, including those which allows multiple users who share a single device to have full control over the Windows Store, VPN, device-wipe capabilities, and configuration of Enterprise Data Protection policies. It also separates personal and corporate data which can be a useful feature in heavy BYOD environments and you can choose between DM or traditional AD/group policy model.
“Containerisation is another option to separate corporate and personal data on an employee’s device. This involves separating out the corporate mobile apps and the data associated with these into “containers” on the mobile device, creating a clear division as to what is subject to corporate security policies such as wiping. Many different types of software can provide the ability to detect jail-broken devices, enforce policies like two-factor authentication and remotely wipe devices if they are lost. Some behavioural analysis capabilities can help as they allow insight into what users are doing on their devices such as playing games. Management can then use this information to education themselves on potential malware threats.”