Office equipment that has been exposed to various users at home can pose a big threat to the corporate network.
For many IT departments, the unplanned, urgent shift to remote working in the last few months has inevitably led to a lot of security concerns. Questions such as “do we have enough VPN capacity?”, “did everyone bring their laptop home?” and “can we manage software updates with machines on home wi-fi networks?” probably resonated around the world.
However, many countries will be restarting their economies cautiously in the weeks ahead, and businesses need to be prepared to reintegrate some of their workforce back to the office. Imagine dozens of devices returning to the office environment—devices that had been shared at home by children and loved ones for both work and play. This could be the start of another period of security tedium as IT departments rush to recertify assets being allowed on the corporate network.
According to Chester Wisniewski, Principal Research Scientist, Sophos: “In a perfect world, most of us would be using Zero Trust Networking (ZTN) or Secure Access Service Edge (SASE) for accessing our applications, making the transition in and out of the office for most workers a zero effort endeavor, but very few of us are there yet. If we still have a perimeter, we will need to be cautious about how we reintegrate devices and data that have been outside the reach of management tools while some users were away.”
Here are some ideas from Wisniewski on how to manage a few common situations.
- Many organizations lost the ability to install or enforce updates for the duration of the stay-at-home order. Consider implementing a slightly restricted quarantine LAN to isolate these devices while IT catches up on procedures for checking their security before they reenter the corporate LAN environment. This would be very easy to do using the guest wi-fi function of your wireless network and would enable productivity to continue, with the added safety of being able to quickly block or disconnect misbehaving devices.
- Checking the integrity of company-owned devices will be critical, especially as some users allowed their children or families to use their device, as it may have been the primary device in the household for homework and other activities. In addition to ensuring operating system and application updates are installed, it would be prudent to do a full system scan using your endpoint security product.
- Shadow IT is a problem at the best of times and you have to admire the ingenuity of employees doing what they can in a time of crisis to get their job done. A good practice on the personnel’s return is to consider an IT amnesty program. Ask users to share what tools they needed to use while away that were not accessible or provided by IT. Use this as an opportunity to learn where the gaps in your remote work strategy are and be sure to get sensitive data identified and brought back in where it can be protected and controlled. Common applications used for both home and work will include services like Dropbox, Facebook Messenger, WhatsApp, Slack and Google Docs.
- For users without VPN access to company files, personal cloud services and removable media will likely have been utilized. Work toward the elimination of these devices as a whole, as they are difficult to encrypt and easy to lose. Be sure everyone knows about your organization’s cloud storage service and help staff move any documents stored on personal devices or clouds to the officially sanctioned tools.
“I see this as an excellent opportunity to implement new policies, embrace more secure modern tools that enable remote-work and maybe even cut down on the amount of work travel as we become more accustomed to online meetings. Just don’t think it is business as usual. We’re moving forward now,” concluded Wisniewski.