Remote Working in the Time of COVID-19: These Steps Are Key to Cybersecurity
With the designation of the COVID-19 disease as a global pandemic hotly followed by a declaration of a national emergency by President Trump, the American way of life shifted dramatically – with the home office becoming a new reality for millions.
Unfortunately, the rise in the global remote workforce puts more pressure on IT teams, network architectures, and even equipment. But there are also very real cybersecurity challenges to consider.
We’ve already seen an uptick in coronavirus-related phishing attacks where opportunistic threat actors capitalize on people’s heightened fear and anxiety and scam them into believing the email comes from an official source such as the CDC or World Health Organization. From here they encourage the recipient to open an attachment or click a link which downloads malware onto the device.
But perhaps more problematic for IT teams is that the COVID-19 pandemic is forcing organizations to embrace a remote work style immediately. This leads to a plethora of challenges:
- The use of personal devices to carry out business functions: Faced with a lack of corporate computing devices, many employees have no choice but to use their own home computers to access corporate networks and applications. These devices require appropriate protection from cyber threats.
- Unsecured home Wi-Fi networks: Another risk factor are unsafe home Wi-Fi networks that may not have the same security protocols – such as firewalls – used in traditional offices. If an employee is accessing sensitive data through that network, a threat actor could easily exploit this lack of security controls and find a back door into the organization’s network.
Steps organizations can take to ensure remote worker cybersecurity.
Clearly, education is critical at this time. Employees should be trained to recognize and handle digital scams. Organizations should also consider more stringent email security measures. It’s also vital that they review their cybersecurity policy to ensure it includes considerations for remote access management, the use of personal devices, and updated privacy considerations for employees who access files and applications.
But these measures only go so far. As organizations in the public and private sector grapple with this sudden shift to a remote workforce, they need to move rapidly to ensure a successful transition and security as they move their workforce from office to home. Security solutions for these devices need to be very simple to deploy and manage; they must respect the user’s privacy; and these solutions should also avoid flooding security staff with large volumes of security alerts.
In light of this, we’re pleased to showcase some important steps that DLT partner, CrowdStrike, is implementing to support and secure remote workers.
CrowdStrike is uniquely well-positioned to provide assistance to government agencies and companies at this time for two reasons: One is that CrowdStrike’s Falcon® cloud-delivered platform and lightweight agent architecture is ideally suited to supporting and specifically securing remote workers.
Having a 100% cloud-delivered architecture ensures that organizations can protect every workload everywhere, including workloads outside of the firewall, even if they are offline, and provide real-time security functionality with the highest level of efficacy along with compliance status information. Threat hunting across every device, especially those that are not on the network, is critical. Achieving this easily — with data accessible instantly and from anywhere — can only be accomplished with a native cloud-delivered solution.
The second reason is that the company already supports a broad and widely dispersed remote workforce, giving it a deep institutional knowledge of how to do so securely and effectively.
New programs to help organizations secure remote workers during the COVID-19 crisis
Because of the unexpected developments due to the coronavirus, CrowdStrike has announced two new programs to help organizations secure remote workers during the COVID-19 crisis.
For new and existing customers, CrowdStrike is offering the following:
- For devices owned by the government or business entity, CrowdStrike is introducing a Burst Licensing program. This is designed to ensure that customers can remain nimble and rapidly deploy new systems for remote workers as needed.
- For employee-owned devices, CrowdStrike is introducing a new program: Falcon Prevent for Home Use. This allows organizations to provide employees with a low-cost option for securing their personal computers so they can safely access corporate resources.
Both programs are effective through May 16, 2020.
Learn more about these programs and access additional resources for managing the security of your remote workforce.