Wednesday, 5 August 2020

Securing the COVID-19 'New Normal' of Homeworking

The COVID-19 pandemic has put into motion a scale of remote working never before seen. Our teams are no longer just grouped in different office locations – but working individually from kitchen tables, spare rooms and, for the lucky ones, home offices! It’s therefore inevitable that this level of remote working will reveal security pitfalls for remediation, with improvements that can be carried forward when this period is over.
Attackers are taking advantage of heightened anxiety and homeworking
Tony Pepper, CEO at Egress, provides his insight below, as well as his six tips to improve data security while working from home.

Phishing

It’s sad, but it’s no surprise that phishing attacks have increased due to COVID-19– and businesses need to be prepared. Attackers are taking advantage of an environment of heightened anxiety and disrupted work settings to trick people into making mistakes, and they’re unlikely to stop until at least the main wave of the pandemic has passed.

Research shows that phishing is a major security issue under normal circumstances. Egress’ recent Insider Data Breach survey found that 41% of employees who had accidentally leaked data had done so because of a phishing email. More worryingly due to their level of access to data and systems, senior personnel are typically the most likely group to fall victim to phishing attacks, with 61% of directors saying that they’d caused a breach in this way.

And education and training can only go so far. Of course, we must continue to encourage employees to be vigilant to suspicious emails and to do things like hovering over links before clicking on them. We also need to reduce blame culture and free up employees to report genuine mistakes without fear.

But this can only go so far. People will always make mistakes. The good news is that advanced technology like contextual machine learning can remediate the targeted attacks, like conversation hijacking, that usually do the most damage to businesses.

Productivity and Security
Even in our tech-savvy world, there are still organisations that don’t have VPN access set up or enough laptops, mobile devices or processes to enable home working. But while IT teams try to quickly sort this situation out, we’re seeing employees finding workarounds, for example by sharing files using FTP sites or sending data to personal devices to work on.

We talk a lot about ‘human layer security’ technologies, which find the right balance between productivity and security. Right now, as well as looking at technologies to help securely move meetings, events and other activities online, businesses should also check that usually easy routine tasks can still be carried out safely – such as sharing large files or sending sensitive data via email. In particular, technologies like contextual machine learning and AI can identify what typically ‘good’ security behaviour looks like for individual users and then prevent abnormal behaviours that put data at risk.

For example, with people working on smaller screens and via mobile devices, it’s more likely they might attach the wrong document to an email or include a wrong recipient. Contextual machine learning can spot when incidents like this are about to happen and correct the user’s behaviour to prevent a breach before it happens.

Human Error
People are the new perimeter when it comes to data security – their decisions and behaviours can put data at risk every day, especially at a time of global heightened anxiety.

We know from our 2020 Insider Data Breach Survey that over half of employees don’t think their organisation has sole ownership over company data – instead believing that it is in-part or entirely owned by the individuals and teams who created it. And we also know that people are more likely to take risks with data they feel belongs to them than data they believe belongs to someone else. When they don’t have access to the right tools and technology to work securely – or they think the tools they do have will slow them down, especially at a time when the need for productivity is at its highest – they’re more likely to cut corners.

Maintaining good security practices is essential – and the good news is there are technologies on the market that can help ensure the right level of security is applied to sensitive data without blocking productivity.

Six Tips to improve Data Security while Working from Home 
We can all agree that times are incredibly tough right now. For security professionals looking to mitigate some of the risks, here are six practical tips are taken from the conversations we’re having with other organisations right now:

  1. Look for security software that doesn’t hamper productivity. It’s generally the aim of the game anyway – but right now, employees are feeling increased pressure to prove their productivity. If you’re finding yourself selecting new solutions, it’s never been more crucial to select technologies that don’t add difficult extra steps for them or anyone they’re working with outside the organisation.
  2. Choose collaboration/productivity solutions that have security baked into them. The other side to the coin of the point above, really: when choosing any new solution to implement at this time, make sure that security measures are part of a product’s standard design, and not an after-thought.
  3. Automate security wherever possible. If it’s possible, take decisions out of end users’ hands to ensure the security of sensitive information in line with policy, reducing the risk of someone accidentally or intentionally not using security software.
  4. Engage employees over security best practices. Phishing is a good example of this. Some inbound risks will evade the filters on your network boundary and end up in users’ mailboxes. Effort to proactively engage employees through e-learning and other educational measures can help them to know what to do with emails they think are suspicious (for example, hovering over links before clicking on them).
  5. Look to AI and machine learning to help solve advanced risks. Use cases like conversation hijacking, misdirected emails or people attaching the wrong files to documents can now be mitigated by intelligent technology like contextual machine learning, which determines what “good security behaviour” looks like for each individual, and alerts them and administrators to abnormal incidents – effectively stopping breaches before they happen.
  6. Implement no-fault reporting. People often don’t report security incidents because they’re concerned about the repercussions. Where it’s appropriate to do so, implement no-fault reporting to encourage individuals to report incidents in a timely manner, so you can focus on remediating the problem as quickly as possible.

No comments: