Working from Home Now? Here’s How to Do it Securely
Author: Bob Ertl
Most employees work from home only occasionally. The Coronavirus outbreak, however, has recently relegated millions of employees to home offices, kitchen tables, and living room couches. We do our part to flatten the curve when we work from home. Plus, working from home has many advantages, including shorter commutes, more casual dress, and happier pets. Unfortunately, working from home has distinct disadvantages too, like fewer social interactions and a forever beckoning refrigerator and food cupboard.
Working from Home – What Could Go Wrong?
While remote employees battle cabin fever and weight gain, their employers wrestle with bigger challenges. Home networks provide hackers a treasure trove of PII before employees connect a single smart phone or laptop.
Hackers know home networks prioritise functionality over security. Families use the dog’s name for their network password and share it with many friends and extended family members. Parents disregard software patch notifications. Connected game consoles, tablets, smart TVs and virtual assistants also provide hackers several entry points into a home network.
Once a home network is compromised, the employee’s connected smartphone and laptop become targets. As a result, confidential corporate information like contracts, financial data, and customer records also become susceptible to unauthorised access. When employees work in the office, organisations have a fighting chance to protect sensitive data. IT staff monitor all network activity, flag suspicious behaviour, and stops malicious attacks (ideally sooner rather than later). When employees work from home, however, organisations don’t have the personnel, visibility, or tools to protect their data. Organisations therefore must approach their enterprise security architecture on the assumption that home networks are compromised.
VPN – Not as Safe as You Think
Businesses typically leverage a Virtual Private Network, or VPN, to keep employees tethered to corporate networks. With a VPN, employees have access to everything they need from the comfort of their own home. Despite several cloud-based SaaS solutions like Salesforce and NetSuite that employees access directly, many applications and systems require a VPN to access.
Hackers recognise a VPN’s value, and its vulnerabilities. Therefore, expect hackers to target VPNs as more employees begin working from home. A VPN is worthless unless developers identify vulnerabilities and customers apply patches. Similarly, credentials prove useless if passwords are easy to guess or if users give them away in a phishing attack. With a compromised VPN, hackers have a direct line to an entire corporate network, including petabytes of unencrypted confidential information. As an encrypted, packet-level pipe, a typical VPN fails to provide valuable file-level context like sensitivity, sender, recipient, source, and other factors. Without this detail, security organisations struggle to detect unusual file activity and prevent a breach.
The strongest, most defensible VPN solution won’t protect an organisation’s data unless every employee has one. Unfortunately, businesses typically purchase just a set number of VPN licenses. In addition, IT departments must configure each VPN license for each end user. Otherwise, an organisation’s digital marketing coordinator has access to the same systems, applications, and data as the corporate controller or chief revenue officer. Prior to COVID-19, IT staffs accommodated these requests with relative ease due to low, infrequent demand. Now, IT staffs must respond to an avalanche of VPN requests as dozens, hundreds, or even thousands of employees transition from the office to the home.
A More Secure and Efficient Approach
The Accellion enterprise content firewall provides complete protection for sensitive corporate data when accessed and shared on home networks and other untrusted remote locations. Accellion consolidates the secure third party communication channels employees use every day as part of their workflows, including email, file sharing, enterprise apps, web forms, SFTP, MFT, and mobile.
Employees utilise a single platform to share PII, PHI, IP and other sensitive information with complete security and control. Multi-factor authentication and granular policy controls ensure employees access only select systems and data, not the entire corporate network. Server-side communication integrations and document viewers minimise the need to download files. Similarly, automated policies and scans minimise malware risks when employees upload files.
In addition, every file uploaded, downloaded, sent, and received is logged and auditable so businesses demonstrate regulatory compliance with GDPR, HIPAA, CCPA, and other data privacy regulations. The CISO and Compliance Officer always know the details of every transfer, including what file, who sent it, and who received it.
Accellion also empowers remote employees to access sensitive information in file shares, SharePoint, OneDrive, and other enterprise systems simply and securely. Employees upload, download, edit, and share confidential files of any size or type in these and other systems without requiring a VPN. As a result, businesses avoid adding hundreds or thousands of costly VPN licenses and configuring those accounts for each individual user.
Organisations know their PII, PHI, and IP is protected when employees work remotely because the Accellion content firewall provides:
- Multi-factor authentication
- Data encryption in transit and at rest
- A hardened virtual appliance • Compliance with most data privacy regulations
- Auditable logs of all file activity with analytics and seamless SIEM integration
- Seamless scanning of inbound files with AV and your ATP
- Seamless scanning of outbound files with your DLP
Why not subscribe for the DTX newsletter which is sent out every 2 weeks.