As the global pandemic continues to force governments to order lockdowns, close workplaces and impose social distancing rules, working from home has become the widely accepted way to operate for many businesses \u2013 and that fact is unlikely to change within the next few years.<\/p>\n\n\n\n
But while it\u2019s all very well for you and I to roll out of bed, put a shirt on over our PJ\u2019s, slide into some slippers and have a work meeting from the cosiness of our own living rooms, gaining comfort in one area almost always means it\u2019s been traded up in another.<\/p>\n\n\n\n
In the case of working from home, comfort replaces cyber security \u2013 and that\u2019s a problem.<\/p>\n\n\n\n
Particularly when statistics show how little people think it is.<\/p>\n\n\n\n
Drop Everything and Go Remote. Literally.<\/h2>\n\n\n\n
The migration to remote working has been put into action among organisations at an increasing rate over the years as technology has advanced and the possibilities to do so have arisen.<\/p>\n\n\n\n
What Covid-19 has done is forced this change to happen much more abruptly than it would have minus-pandemic, leading to the hasty uprooting of the workforce from a central place to various remote locations, which in turn has lead to disorganisation among the workforce and sudden security holes in the IT network.<\/p>\n\n\n\n
A report published in June by VMware Carbon Black<\/a> revealed the following:<\/p>\n\n\n\n As unsettling as these percentages are, we can hardly be surprised.<\/p>\n\n\n\n You know how in horror movies, as soon as the characters split up, they start getting picked off one by one? Yeah. It\u2019s a thing.<\/p>\n\n\n\n With the abrupt move to working from home, 25,000 secure endpoints at a single location can turn into 25,000 insecure devices spread far and wide with little to none of the protection they were afforded within the office.<\/p>\n\n\n\n Company-wide firewalls, VPNs, blacklisted IP addresses, data encryption, antivirus software and other security measures and policies are now gone as workers switch to using inadequately protected personal devices, potentially on insecure Wi-Fi networks.<\/p>\n\n\n\n A workforce using personal devices are more likely to partake in risky activity that they usually wouldn\u2019t while working at the office \u2013 activity that could impact their entire organisation; but because they\u2019re remote, visibility of what activity they\u2019re doing is limited or gone altogether.<\/p>\n\n\n\n As the saying goes.<\/p>\n\n\n\n In this case, that translates to: one weakly-guarded device in the home office that has access to the company network is all it takes for a cyber attack to compromise the entire organisation.<\/p>\n\n\n\n Cyber criminals are well aware of this, which is why Remote Working Cyber Attacks<\/strong> have risen throughout the scramble to secure remote access points during the shift to working from home.<\/p>\n\n\n\n The VMware Black Carbon report<\/a> found the following of the past 12 months:<\/p>\n\n\n\n It\u2019s clear that cyber attacks are on the rise as the number of easy targets and weak points increase, so how much of a threat are they in the grand scheme of risks, post-pandemic?<\/p>\n\n\n\n According to an analysis done by the Visual Capitalist<\/a>, Remote Working Cyber Attack threat makes it into the top 9 most likely risks post-Covid-19.<\/p>\n\n\n\n The article, \u201cWhat\u2019s At Risk: An 18-Month View of a Post-COVID World<\/a>\u201d, takes data submitted by a large number of risk analysts and compiled in a World Economic Forum report<\/a> and displays it visually in the infographic below:<\/p>\n\n\n\n The infographic highlights the 31 biggest risks and their likelihood percentage within the next 18 months.<\/p>\n\n\n\n The risks are categorised into the following five areas:<\/p>\n\n\n\n Of the four tech risks identified within the data set, Remote Working Cyber Attacks<\/strong> takes the number one spot with a likelihood of 37.8%.<\/p>\n\n\n\n That\u2019s a significant jump ahead of the next tech threat identified: Increased Automation-related Unemployment<\/em>, which sits at 24.8% likelihood, and is miles ahead of the next two tech threats: Abrupt Technology Adoption<\/em> and IT Breakdown<\/em>, which sit at 13.8% and 6.9%, respectively.<\/p>\n\n\n\n The scary fact is, the threat of Remote Working Cyber Attacks <\/strong>is great enough that it warrants a spot in the top 10 alongside the \u2018big dogs\u2019 of risks, so to speak: Prolonged Global Recession<\/em>, High Unemployment<\/em>, More Restricted Travel \/ Trade Movement<\/em> and Industries Fail(ing) to Recover<\/em>, among others.<\/p>\n\n\n\n Even scarier? People tend to drop this risk from the pool of \u2018big dogs\u2019 when it comes to their top concerns.<\/p>\n\n\n\n The Visual Capitalist gathered further data on how big of a concern these same risk analysts believed each risk was for the world:<\/p>\n\n\n\n The findings show that all top 10 risks \u2013 bar one \u2013 have retained their places in the top 10 as concerns, albeit in a slightly different order.<\/p>\n\n\n\n The single threat that was considered a top 10 risk that didn\u2019t make the cut this time around is our top tech risk: Remote Working Cyber Attacks<\/strong>, which now sits at 25.4% and 13th place when it comes to concern.<\/p>\n\n\n\n Essentially this means that although Remote Working Cyber Attacks<\/strong> are 37.8% likely to leave an impact on the world as we know it post-Covid, they are only seen as a 25.4% concern, with a 12.4% disparity.<\/p>\n\n\n\n This disparity in the actual threat versus how much it is perceived to be a threat, is a big problem.<\/p>\n\n\n\n It means that people working from home are unlikely to implement the proper security measures needed to protect themselves, their devices and subsequently, the data and networks they have remote access to from potential cyber attacks and data breaches.<\/p>\n\n\n\n In turn, organisations moving their workforce to remote locations are unlikely to take appropriate action to prevent Remote Working Cyber Attacks<\/strong> before they happen, because this risk is not seen as a big enough concern.<\/p>\n\n\n\n The fact of the matter is that you should be taking this threat seriously; ensuring that all potential holes that open up when your workforce goes remote are not only covered, but airtight.<\/p>\n\n\n\n A good way to ensure all of your endpoints are protected is by deploying a Privileged Access Management<\/strong> (PAM<\/strong>) solution to each and every remote endpoint.<\/p>\n\n\n\n PAM<\/strong> refers to the strategy of gaining full control and visibility of user-access to critical parts of the IT system and what they do when they have privileged access, so that data breaches and abuse of privilege can be prevented or audited in the case of occurrence.<\/p>\n\n\n\n PAM<\/strong> solutions do this by only allowing elevated privileges precisely when and where users need them and giving users only the minimum privileges required to perform their function in the workplace.<\/p>\n\n\n\n These techniques are known as Just-in-Time<\/strong> elevation (JIT<\/strong>) and the Principle of Least Privilege<\/strong> (POLP<\/strong>).<\/p>\n\n\n\n Admin By Request is a <\/strong>PAM<\/strong> solution that incorporates OPSWAT\u2019s MetaDefender Cloud<\/a> to ensure that hackers:<\/p>\n\n\n\n a) Can\u2019t gain administrator access to endpoints without permission, therefore cannot undertake processes required to infiltrate your network, and<\/p>\n\n\n\n b) Can\u2019t get past MetaDefender\u2019s<\/a> 35+ anti-malware engines that scan all files run as administrator, and prevent files flagged as malicious from being run on your endpoints and causing potential damage to your wider organisation.<\/p>\n\n\n\n Admin By Request, developed by the aptly named FastTrack Software<\/a>, enables organisations to quickly and effectively manage privileged access and ensure the remote workforce is safe by:<\/p>\n\n\n\n 1. Being easy to deploy on remote endpoints<\/strong><\/p>\n\n\n\n Admin By Request makes ease of deployment a top priority. Requiring no AD configuration, the 3.5MB MSI installer takes minutes to get up and running on endpoints in the home.<\/p>\n\n\n\n 2. Patching up any security holes opened up as a result of the move<\/strong><\/p>\n\n\n\n Admin By Request ensures your network, systems and data stays safe from Remote Working Cyber Attacks<\/strong> by managing who can get higher-level access, what access they can get, and when they can get it.<\/p>\n\n\n\n All remote users can be managed from within the Admin By Request user portal. Admin By Request\u2019s Settings and Sub-settings allow user groups to be created with different levels of admin privileges depending on their needs.<\/p>\n\n\n\n With Admin By Request, you get full visibility of what your users are getting up to when they\u2019re operating with administrator privileges, with the user portal displaying Inventory collected for each device, an Auditlog of all elevated activity and Reports which sum up and display the important bits.<\/p>\n\n\n\n\n
\u201cA Chain is Only as Strong as its Weakest Link\u201d<\/h2>\n\n\n\n
\n
The Greater the Risk, the Greater the
Reward<\/s> Risk<\/h2>\n\n\n\n![\"\"\/](\"https:\/\/www.adminbyrequest.com\/Images\/Blogs\/Likelihood%20Infographic.jpg\")
<\/figure>\n\n\n\n\n
Post-Covid Priorities Are All Out of Whack<\/h2>\n\n\n\n
![\"\"\/](\"https:\/\/www.adminbyrequest.com\/Images\/Blogs\/Concerns%20Inforgraphic.jpg\")
<\/figure>\n\n\n\nWhen Disparity Becomes a Danger<\/h2>\n\n\n\n
Protect with PAM<\/h2>\n\n\n\n