Solutions to Common Remote Working Endpoint Security Challenges

Organisations of all sizes are at risk from hackers, organised crime, and malicious threats. Endpoint security - the practice of securing employees’ devices from being compromised by malicious bodies - is therefore essential for protecting your corporate network.

If your employees work remotely on even a part-time basis, you must design your IT security programme with remote devices in mind. That's because a dispersed workforce presents unique IT security challenges; and indeed, the rise in remote working over the past few years has correlated with cybercrime reaching an all-time high. 

In 2021, weekly cyberattacks on corporate networks were up 50% compared to 2020. Since the average data breach costs $4.24 million, not investing in a robust endpoint security solution could be the death of your organisation.

Below, we run through some of the key IT challenges - and actionable solutions - that come with remote working. 

1. Increased digital information sharing

Remote teams have no option but to share information virtually. Even highly sensitive conversations and documents are shared via networks, rather than by word of mouth or sight.

All digital communication mediums - such as instant messengers, emails, cloud documents and video calling - are susceptible to attack. The average employee receives 14 malicious emails per year; and, in an analysis of 13 popular video-chatting applications, the US’ National Security Agency (NSA) concluded that every single one had a security deficiency.

Solution:

• Mandate that employees password-protect all virtual meetings.
• Enrol employee devices onto a mobile device management (MDM) solution. This allows IT to monitor the security posture of those devices and mitigate risks by deploying security patches, software updates and ensuring baseline security controls are enabled. 

2. Insecure networks

In offices, IT departments can impose security protocols, such as blacklisted IP addresses and firewalls, on their network to prevent external bodies from compromising them.

An IT department cannot impose the same measures on a home broadband or public WiFi. Many home Wi-Fis are only protected by factory-default passwords, or no password at all. Older encryption methods, like Wired Equivalent Privacy (WEP) or WPS, are easily compromised.

Cyber criminals can also set up fraudulent access points (referred to as “evil twin” access points), that appear legitimate, but allow the attackers to access sensitive data.

Similarly, public spaces - such as coffee shops, libraries or co-working spaces - often have limited security measures in place.

Solution:

• Implement 'Never trust, Always verify' security solutions.
• Mandate that home workers update their firmware/software.
• Incorporate encrypted disk drives into your security policy.
• Remain vigilant when connecting to any network.

3. Personal devices

Over half (55%) of employees claim to use their personal laptop or phone for work at least some of the time. 

Like home or public networks, IT departments cannot impose security measures on personal devices. When employees work on asynchronous schedules, away from offices, they are more likely to download work-related apps (Slack, Zoom, Google Docs etc.) onto their personal devices. This significantly increases the risk of sensitive information leaking into an insecure environment.

Solution:

• Supply every remote worker with a business device that is configured with security measures and enrolled into a mobile device management (MDM) solution that can be managed remotely.

4. Use of unauthorised applications

Employees may use applications outside of those prescribed by your company for various reasons: they are more familiar with them from previous roles, believe them to be faster etc. But if security controls are improperly configured, cyber criminals may be able to access sensitive data.

Indeed, web application breaches make up 43% of all breaches and have doubled in frequency since 2019 (Verizon).

Solution:

• ‍‍Pre-install applications onto devices before delivering them to employees to reduce the likelihood of employees downloading other apps.
• Create a list of approved applications with administrative oversight, and deploy tools that enforce the approved/not-approved list.
• Incorporate an efficient password policy based around an appropriate risk level.
• Utilise multi-factor authentication (MFA).
• Educate users around security awareness and leverage password managers.

5. Email phishing scams

Phishing scams have soared since the pandemic began. Taking advantage of people’s thirst for knowledge about the virus, hackers have set up fraudulent domains to install malware and steal users’ information. 

Since early 2020, 70% of organisations have observed an increase in phishing attacks. In April 2020, at a time when most governments had just introduced home working orders, Google’s mail servers detected 18 million coronavirus-related malware and phishing emails per day.

Solution: Employee training. Advise employees to: 

• Never give away credit card or password information via email
• Never download attachments or click through email links from unverified sources
• Never store sensitive information on unverified websites.

How does Hofy’s device management solution counter remote security problems?

At Hofy, we have designed our IT support package for remote teams hiring globally. Through Hofy, you can:

• Deploy a device anywhere in the world - configured with a sensible level of security, including a minimum password policy, full disk encryption; and firewalls enabled - out-of-the-box
• Install custom applications onto devices before delivering
• Remotely update devices through Hofy’s fully-managed mobile device management (MDM) service
• Remotely lock or wipe devices if they are lost, stolen, or someone leaves to prevent a data breach