Remote working and endpoint security: the new reality

There is no doubt that cyber-criminals have had an extremely productive 14 months. Early in the pandemic, they realised that the shift to remote working – with more than half of the world’s working population working remotely – presented new opportunities to monetise attacks, resulting in a 238% increase in global cyberattack volumes. Guest post by Gary Tierney 

There has been a significant increase in the number of attacks over the last six months, most notably the recent ransomware attack on the Irish health service the Health Service Executive. As home workers lower their collective guard, Irish businesses of all shapes and sizes risk having their data compromised.
Organisations need to quickly assess how to manage remote working risk, while also enabling workforce mobility as this is much more than a single moment in time, it is a serious challenge that will in many cases require a major change of direction for business security, with a focus on protecting the endpoint.

The shift to remote working

Working habits have changed since the outbreak of the pandemic, a new report by HP Wolf Security found that three-quarters (75%) of office workers say that COVID-19 blurred the lines between their personal and professional lives. It did this quite literally, in forcing us to work from home, where most of us used to spend little time during office hours. But it also led to many remote workers using the same device for both leisure and work, and even sharing it with other members of the household.

The survey found that more than two-thirds (70%) of office workers surveyed are using their work device for personal tasks, while almost the same number (69%) are using personal laptops and printers for work purposes. Additionally, 30% have lent their device to someone else. This has led to some concerning psychological effects. Many of us have begun thinking of our work devices as our own, which can make us less alert to potential risks.

The pandemic has forced people to stay at home, leading to an increase in behaviour such as downloading games, online video streaming or even lending work devices to children for online learning. These activities increase the chance of corporate breaches, and according to the research, over half (51%) of IT leaders have found staff using unpatched endpoints over the past year.

Taking advantage of light relief

Which begs the question – where are the cyber criminals focusing their efforts? Unsurprisingly, it’s on the things locked-down workers are turning to for light relief. According to the HP Wolf Security report, there was a 54% increase in phishing attacks targeting gamers in the first four months of 2020, while video games are also being used as lures, with one notable example being ransomware disguised as Fortnite hacks.

Even streaming is not as safe as you think. In just one seven-day period in April 2020, there were at least 700 phishing sites imitating popular streaming services. The end goal is usually data theft and ransomware, and increasingly today the two are combined in the same attack. With 71% of employees claiming they access more company data, more frequently, from home now than they did pre-pandemic, there’s plenty of opportunity for those with malicious intent.

Over half of IT decision makers have seen evidence of compromised personal devices being used to access corporate and customer data, so this isn’t just a theoretical threat. A similar number (45%) said compromised printers have been used to launch attacks over the past year.

A new model of endpoint security

The rollout of vaccines and the slow reopening of society is filling many with confidence that a return to “normality” is imminent, but the truth is that the workplace will be forever changed by the pandemic.

Many have adapted well to remote working, and according to the Second Annual National Remote Working Survey from the Whitaker Institute at NUI Galway and the Western Development Commission, 95% of the Irish workforce are in favour of working remotely to some extent once the pandemic is over.

If the corporate office is a thing of the past, how can security teams police and secure this new environment? The answer is by focusing on endpoints – the first line of defence in any business environment, no matter the scale or size.

Layering up restrictive policies only puts security in the way of productivity, while detection of known malicious signatures and code can be easily thwarted by modern malware. The answer instead lies with an endpoint security approach rooted in Zero Trust principles, meaning that decisions are made on a case-by-case basis for every service, after verifying a set of controls that might include the user, the device, and its security posture.

This helps to contain failure –whereby a compromise of a less important service doesn’t necessarily lead to a major breach. Zero Trust principles are extended onto the endpoint – including device firmware, operating system, and individual applications.

Businesses should be aiming for defence-in-depth at the endpoint, from self-healing firmware capabilities to machine-learning powered anti-malware solutions that are better able to spot new malware variants. This also includes hardware-powered micro-virtualisation, which can isolate and contain threats delivered by email, browser or downloads, while being transparent to the end user.

If the future of work is flexible and remote, then the future of security needs to have an increased focus on the endpoint.

Author bio:

Gary Tierney leads the HP Print Category Business for the UK and Ireland, where he is responsible for managing activities across hardware, supplies and solutions. He is also Managing Director for HP Ireland, where he drives the overall strategic direction of the business. Gary started working for HP Ireland in 1989.

Prepared by Ebony Ximines-Parke