As I’m watching more and more of my co-workers send out WFH (Work from Home) emails…as I see more and more users of Webex and other forms of remote connectivity and sharing … my spidey senses start tingling.
Most companies have some form of remote management software deployed for their traveling brethren – but many of them haven’t prepared for full-out war and suddenly having thousands of workers coming in remotely. This will certainly challenge the network and security teams globally! What about those BYOD guys…no company-offered laptops, so they are surfing on in from their IBM laptop bought in 2003, running XP with no support and protection. Do you have a plan for them? Maybe spinning up remote workstations so the work is done locally and not from their old XP or Windows 7 computers?
What about Geo-Fencing? Do you see all those hundreds of thousands of connections looking for a handshake!? Now they are increasingly important to the vital success (or failure) of your business!? Do you know if you do business in Brazil? Do you have people there? Russia? Do you allow remote connections from Geo-Locations where you do not have offices? Maybe it’s time to tighten your defenses and start looking from the outside in again!? Everyone gave up on the border…everyone went to the cloud ’cause they thought it was safer. Was it? Can you see who’s trying to connect to your cloud? Are they your actual remote workers that are forced home or just some generic Taiwan hacker sitting under the radar of 50,000 connection attempts…because you are overwhelmed by desktop support calls from VPN users that can’t connect? Do you allow remote resources to connect from public Wi-Fi networks? Did you think your help-desk would collapse? *frightening*
How about general physical security – where are your workers really working from? Can someone else see what they are doing? Have you had a proper security education program so your people know about shoulder surfing? Maybe they walked up to the Starbucks counter leaving that laptop behind – unlocked – while remoted into a customer site and updating a dat file for some ancient anti-virus client. Do they know to lock their screen? Padlock their laptops? Do you have full hard drive encryption for your mobile workforce? Whose DNS servers are they using…yours or unknown? Breathe…not going to panic…well, maybe a lil?
Phishing attacks have increased for sure – even offering a cure for the virus! We are seeing no release or suspension of compliance rules, so you can bet there will be fines for mishandled sensitive information leaving your networks – are you sure you’re watching your Data Loss tools now? Everyone is connecting from home…do you know what they are reading or editing? Did they move it to USB yet? Print out that form of HR birthdays and payroll entries to create happy birthday emails for employees while working from home?
Sure feels like a good time to remember how well a zero-trust network works. If you’ve been doing it all along, you know what you’re looking at. You know what you’ve allowed, and only that is what is getting in. You can handle the one-offs that come in because they had to travel to X country and need to VPN in…create that small group on a time scale of allowed access, etc.
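To make the geo-fencing and time-scaled exception idea concrete, here is an added example (not from the original post) that reviews VPN connection attempts against a country allow list plus per-user travel windows. The log format, user names, dates and policy values are all constructed for illustration, and it assumes the gateway has already resolved each source address to a country code.

```python
from datetime import datetime, timezone

UTC = timezone.utc
# Assumed policy (constructed): countries where the company has offices.
OFFICE_COUNTRIES = {"US", "CA"}
# Time-boxed travel exceptions (constructed): user -> (country, start, end).
TRAVEL_EXCEPTIONS = {
    "jsmith": ("BR", datetime(2020, 3, 16, tzinfo=UTC), datetime(2020, 3, 20, tzinfo=UTC)),
}
# Constructed gateway log lines: timestamp user country auth-result
SAMPLE_LOG = """\
2020-03-17T13:02:11Z alee US success
2020-03-17T13:05:40Z jsmith BR success
2020-03-17T13:06:02Z unknown1 TW failure
2020-03-17T13:06:03Z unknown2 TW failure
2020-03-25T09:00:00Z jsmith BR success
"""

def decide(when, user, country):
    """Default deny: allow office countries, or a matching unexpired exception."""
    if country in OFFICE_COUNTRIES:
        return "allow"
    exc = TRAVEL_EXCEPTIONS.get(user)
    if exc and exc[0] == country and exc[1] <= when < exc[2]:
        return "allow-exception"
    return "deny"

def review(log_text):
    """Return per-line decisions, denied counts per country, and alerts.

    An alert is a login the gateway accepted that this policy would deny,
    which is the case worth a human look before the failed-attempt noise.
    """
    decisions, denied, alerts = [], {}, []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, country, result = line.split()
        when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=UTC)
        verdict = decide(when, user, country)
        decisions.append((user, country, verdict))
        if verdict == "deny":
            denied[country] = denied.get(country, 0) + 1
            if result == "success":
                alerts.append((user, country))
    return decisions, denied, alerts

if __name__ == "__main__":
    for item in review(SAMPLE_LOG):
        print(item)
```

The last sample line is the interesting one: the same user and country that were fine on the 17th are flagged on the 25th because the travel window has closed.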
My mind just started spinning and I didn’t have a place to vent it so I used this page randomly. Facebook friends just see me as paranoid security guy – LinkedIn people think I’m trying to get a job or impress odd views. Honestly I’m most likely just thinking outside about all the thoughts in my own head and making sure I, myself, have crossed all my T’s and dotted all my i’s…. 🙂
Happy hunting!