How Well Do You Know Your Network? Mitigating Security Risks Beyond the Firewall
Pre-COVID, enterprises would create a “security perimeter” around the network in their offices, using a firewall, smart switches, and other network elements to control the environment. Now, we’re in the midst of the most massive security shift since the dawn of the internet. Companies must face the security realities of remote work—and do it fast.
Since the onset of COVID-19, you’ve likely run into security measures that were never an issue before moving to remote work. Simultaneously, companies are restructuring budgets to compensate for economic impacts due to the pandemic. Investing in growth right now is a tricky business, but the one place where companies cannot afford to compromise is their security systems.
Breaches Are No Joke
Cybercrime costs the global economy $2.9 million every minute. The average damage to a business in the United States after one data breach is $8.64 million. Let’s say you have the cash flow available to survive the legal costs and damage to your business. The revenue loss would be a massive problem, but it wouldn’t be the only one.
While your business works to repair compromised systems and return to productivity, you will have to address the data breach notification legal requirements mandated by each state and country. Once you achieve compliance, you need to regain your customers’ trust and run a campaign to restore your business’s image.
The alternative? Prevention and mitigation strategies. By taking a survey of your current security measures, you can identify holes or fractures lurking in your system before any breach.
How Secure Is Your Network Right Now?
Consider your network before the pandemic. You likely had security tools, tactics, and policies in place to monitor unauthorized intrusions. Your network administrator assured you that the most sophisticated firewall was churning out top-notch encryption methods to prevent breaches. There was an impenetrable perimeter around your network.
But what happens when companies ask their employees to work from home due to a global pandemic? The secure environment you’ve worked so hard to build isn’t as helpful when 350 computers from 350 different external local area networks (LANs) are suddenly fraternizing with your otherwise stable system.
Will it hold up? How well do you know this complex network? Can your systems withstand an extreme variation of protocol due to the present-day challenges? These are today’s most significant obstacles to securing your data.
Problem 1: The Rapid Transition to Remote Work
Most management teams were not prepared for remote work when forced into distributed teams earlier this year. Critical data is in one location, and employees are scattered about in others. When everyone is no longer under the same roof, things get complicated. With many employees now working 100% from home, your network is only as secure as theirs—if you don’t incorporate the potential risks of home offices in your current incident response plan (IRP).
This is the most considerable security transformation we’ve ever seen, and companies are vulnerable. Most large enterprises used to allow occasional work from home—maybe even a day per week—but are now scrambling to get the necessary tech to their employees for safe, long-term remote work.
Problem 2: Employees With Insecure Networks
If you work for a company that’s not technically oriented, your employees might require significant education on safe remote work practices. Your team needs to understand the risks to company security at home or on the go.
You need to take action at the network level, covering both home network administration and employee machines, so that open web application ports are not exposed to other devices on the same network. You don’t know anything about the network administration of a random coffee shop, for example. How do you trust that the coffee shop has adequate network security? You can’t.
Problem 3: Outside Users Who Compromise the System
The same applies to home WiFi networks. What about an employee’s teenage son who’s downloading suspicious torrents? Malware can start scanning for open ports on the machine. Using remote code execution, curious hackers could start poking around on anything you may be developing. They could even potentially get access to credentials for sensitive information. The entire system could be compromised.
To exacerbate the situation, a lot of local development is created with debugging mode on—meaning that the source code for a web application is often exposed in a more readable format with a source map. A hacker could see what you’re working on, identify its source code, and even gain credentials to a critical program. If your team is working on valuable IP (intellectual property), this is a risk you can’t afford.
You can take two straightforward measures to protect your network. The first is physical security.
1. Establish Practices for Physical Security
Make sure your team always uses their company-issued devices, and that hard drives are encrypted. You also want to make sure that an attacker would need your fingerprint or password to get access to any data. Two-factor authentication and biometric data requirements might require a few extra seconds to log in and get to work, but they’ll vastly slow down hackers.
Two-factor authentication—commonly known as 2FA—is a security method that requires additional steps to verify a person’s identity before unlocking access. If you’ve ever received a text message with a code to log in to your bank account, then you’ve used two-factor authentication. Other options include a push notification to a mobile device or an authentication app that provides a code. Some companies even install YubiKeys on laptops, which the employee must press to populate the login form with a code.
On the other hand, biometric data generally refers to a fingerprint or facial recognition, such as Touch ID and Face ID on Apple devices. While biometric authentication is an excellent way to verify identity, you must ensure that this data is stored locally and not sent to an external server, where it can be compromised and used by hackers.
2. Set Up a VPN
The second tactic is to utilize a VPN (virtual private network) to create an additional security layer.
Some VPNs will—in essence—fully isolate you from your home network or any other outside network like a coffee shop or an airport. Other VPN options allow you to be a member of both at the same time. Before you choose, it’s essential to know what you want and expect from your VPN package. Factors to consider include security measures, privacy, speed, reliable connections, user-friendly interface, multiple servers, and cost.
Some companies question whether they need a full VPN or if a secure cloud service like AWS (Amazon Web Services) is enough. VPNs are the vanguard of safe and effective remote work, but cloud-based servers have been on the rise in recent months. The hassle of daily server maintenance is outsourced to a third party that does most of the heavy lifting. Clouds are also more compatible with mobile apps. But they can’t necessarily guarantee security.
A Cloud Service Is Not a Security Measure
Not all cloud-based services are created equal in their level of security. Companies should look for services with an established track record of preventing breaches and skillfully handling any attacks they’ve suffered. AWS, for example, uses a shared security model: they are responsible for part of the security and delegate the rest to the client.
It’s crucial to understand that just adopting a cloud is not a security solution. Leaders should also consider requiring multi-factor authentication for logging into their cloud services—not only for their hardware devices, as discussed above.
So VPN? Cloud Service? Or Both?
Though both VPNs and clouds have proven to be successful in their arenas, deciding factors often come down to budget. A company choosing to adopt a VPN will need to invest quite a bit more in infrastructure and security personnel to administer the system adequately. Secure cloud services might be more practical for smaller companies without these resources.
Despite the debate, there doesn’t need to be a dichotomy between VPNs and cloud services. You just have to choose what’s best for your company.
Finding the Right Team
Working from home is the new norm. The most crucial element is a security team with the skills and expertise to recommend the right measures and tools. Without a thorough evaluation, your company is living dangerously in the Wild Wild West of a distributed environment.
Are you looking for expert support on your digital transformation efforts or the transition to remote work? We’re here to help. Theorem is an innovation and engineering firm that builds custom software for companies making bold bets to stay ahead. Reach out to us at email@example.com or call 1 (888) 969-2983 to book a complimentary consultation.
Luis Laimer, DevOps Engineer at Theorem
Luis Laimer is an experienced security analyst with a career spanning more than 15 years. He is a former Certified Information Systems Security Professional and active speaker within the security and tech communities. Before joining Theorem, Luis was part of the global information security team at ThoughtWorks and worked as a security consultant in various fields spanning four different countries. He uses a practical and business-focused approach to enhance information security.
Joe McIlvain, Software Architect and Engineer at Theorem
Joe McIlvain is a Solutions Architect and Engineer, focusing on the design and implementation of distributed systems. He helps Theorem’s clients to challenge premises, identify costly problems before they happen, and execute quickly on solving some of their most challenging business issues. He joined Theorem in March 2015.