IT security: Mitigating the risks of returning to work

IT security: Mitigating the risks of returning to work

After so long out the office for many, Chester Wisniewski, principal research scientist at Sophos gives us some tips on avoiding some common back to work ‘technical difficulties.’

The unplanned shift to working from home caught many IT departments by surprise and led inevitably to a lot of security concerns. Do we have enough VPN capacity? Did everyone bring their laptop home? Can we manage software updates with machines on home Wi-Fi networks? Those teams now face new challenges as the UK prepares to return its workforce back into the office.

In a perfect world, most of us would be using Zero Trust Networking (ZTN) or Secure Access Service Edge (SASE) for accessing our applications, making the transition in and out of the office for most workers an effortless endeavour, but very few of us are there yet.

If we still have a perimeter, we will need to be cautious about how we reintegrate devices and data that have been outside the reach of management tools while some users were away. Here are some ideas on how to manage a few common situations.

Many organisations lost the ability to install or enforce updates under the stay-at-home conditions. Consider implementing a slightly restricted quarantine LAN to isolate these devices while the IT catches up on procedures for checking their security before reentering the corporate LAN environment.

This would be very easy to do using the guest Wi-Fi function of your wireless network and enable productivity to continue with the added safety of being able to quickly block or disconnect misbehaving devices.

Checking the integrity of company-owned devices will be critical, especially as some users may have allowed their children or families to use their device, for example for home schooling. In addition to ensuring operating system and application updates are installed, it would be prudent to do a full system scan using your endpoint security product.

Shadow IT is a problem at the best of times and, to be honest, you have to admire the ingenuity of employees doing what they can in a time of crisis to get their job done. A good practice on return is to consider an IT amnesty program.

Ask users to share what tools they needed to use while away that weren’t accessible or provided by IT. Use this as an opportunity to learn where the gaps in your remote work strategy are and be sure to get sensitive data identified and brought back in where it can be protected and controlled. Common applications used during home working will include services like Dropbox, Facebook Messenger, WhatsApp, Slack and Google Docs.

For users without VPN access to company file shares, the use of personal cloud services and removable media will likely have been utilised. Work toward the elimination of these devices as a whole, as they are difficult to encrypt and easy to lose.

Be sure everyone knows about your organisation’s cloud storage service and help staff move any documents stored on personal devices or clouds to the officially sanctioned tools.

I see this as an excellent opportunity to implement new policies, embrace more secure modern tools that enable remote working and maybe even cut down on the amount of work travel as we become more accustomed to online meetings. Just don’t think there will be a quick return to business as usual. We’re moving forward now.