Before the outbreak of Coronavirus, working from home was common, but not universal. About 43 percent of Americans worked from home occasionally in 2017, and about 5 percent worked from home full-time. Now that most of the country (and the world) is under lockdown, the numbers are skewed far into the other direction.

While we are beginning to take cautious steps to open back up, working from home will be the norm for many of us for the foreseeable future. If you are like most, you may have had a security contingency for a small percentage of workers working from home either occasionally or full-time, but your security posture looks vastly different now.

For example, until now, your solution for working from home or from the road might have been accomplished with a basic combination of VPN + virtual desktop. Since only a few people would be traveling or working from home at any given time, you might not have paid that much attention to the way your VPN was managed.

What many companies are now discovering is that, while their corporate network is fully segmented to protect the east-west movement of attackers, their relatively unmanaged VPN is totally flat.

New Working Conditions Mean New Threats

Security organizations need to pivot rapidly now that the majority of the workforce is working remotely. If their existing tools are now insufficient, they need to find new ones that work effectively and that can be deployed quickly. After all, the attackers have been working from home all along – and now they’re encountering an enticingly target-rich environment. New threats may include:

Nation-State Actors

APTs are taking advantage of several endemic vulnerabilities in VPN systems in order to exploit a newly homebound workforce. Because these networks often need 24/7 uptime, they are difficult to update, meaning that known issues may not be patched. This makes it easy for state actors to craft malware that can exploit these vulnerabilities en masse.

COVID-19 Phishing Scams (and Regular Phishing Too)

The thing about constant anxiety is that it can lower the defenses of people who otherwise wouldn’t be fooled by misinformation. Scammers are sending out waves of emails purporting to offer free Coronavirus tests, masks, protective equipment, and dubious cures. One enterprising attacker even offers ransomware known as CovidLock disguised as an Android app that tracks local COVID-19 outbreaks. In addition, researchers have also seen a surge in more traditional phishing emails that are designed to harvest VPN credentials.

WiFi Hacking

The consumer-grade WiFi products that workers use at home aren’t as secure as their enterprise equivalents. Many home users don’t know how to update their routers, which means that their firmware can be years out of date. This is catnip for attackers, who can use open-source tools such as Aircrack or Reaver-wps to crack WPA or WPA2 encryption and burrow into a home network – then make the jump from there to your enterprise.

Find New Tools to Protect Employees Working from Home

Administrators may need to find new tools in the wake of these new attack vectors. What do these tools look like, and how should they be adapted for remote users?

• Secure RDP- Remote desktop protocols are useful for your workforce because they enable access to a full menu of enterprise applications – and even remote desktops – without the users having to install apps on their home machines. Securing RDP means applying best practices – encrypted connections, strong passwords, and RDP gateway servers to impose logging and TLS. As a bonus, try to find an RDP solution that’s simple for an end-user to use, without requiring them to install a client or doing any configuration on their endpoint. This ensures that IT won’t be overwhelmed with a deluge of support calls during this critical transition period.

• Scalable Remote Desktops - Some off-the-shelf RDPs are fine for small businesses, but if you’re an enterprise with hundreds, thousands or tens of thousands of employees, you need a solution that matches your scale -- and that can scale up or down easily, as your needs change. Also ensure that your solution can provide the fine-grained access control that large companies need for security. With this access control, administrators can rapidly adapt as they segment networks that were previously flat.

• Remote Browser Isolation - Home networks and internet use are a huge concern under these new circumstances. Since traffic from home networks is not filtered through network controls, it’s inherently insecure. It is neither safe nor practical to imagine visiting your employee’s individual homes in order to update their routers and policies to keep them off uncategorized and risky websites.  If their machines get compromised with web-based malware, it could be a short putt for hackers to move into your network once the infected machine connects back in via VPN access, leaving you with a serious security incident on your hands. Remote browser isolation prevents this danger by having a virtual browser render all websites within a container in the cloud. This remote browser sends a fully interactive media stream representing the website to the endpoint browser.  As a result, even if a user navigates to a site infected by malware, the malware will never make it to their home computer or execute on their hard drive. Instead, it remains isolated in the container – and is destroyed along with the container once the session ends.

Being unable to physically work on a user’s endpoint or provision them with new hardware or software may impose challenges for IT security – but they aren’t insurmountable. With encryption and the right kind of remote access software, you’ll be able to protect your users and your network, while ensuring your most critical data is secured.

Written By:

Gerry Grealish is Chief Marketing Officer at Ericom Software. He is a security industry veteran, bringing over 20 years of Marketing and product experience in cybersecurity and related technologies. Responsible for Marketing and Business Development, Gerry previously was at Symantec, where he was responsible for the Go-To-Market activities for the company’s Network Security portfolio. Prior to Symantec, Gerry was at Blue Coat, which he joined as part of Blue Coat’s acquisition of venture-backed CASB innovator, Perspecsys, where he was CMO.