Secure In The Home Office: Why VPN Access Alone Offers Too Little Protection
At the beginning of the Corona pandemic, speed and pragmatism were required. It was only thanks to rapidly introduced home office solutions that many companies were able to maintain business operations while protecting their employees. However, it remains questionable whether remote access to the company network ensures the necessary confidentiality, availability and integrity everywhere.
Many companies therefore urgently need to review the security of their home office concept, especially since it is becoming clear that working from home will remain an option for everyday business in many industries even after the Corona period.
Larger Attack Surface And More Cybercrime Activity
A home office workplace is not insecure per se, but it is more at risk. Why? The company laptop is no longer in the protected corporate network where the IT department enforces security policies. At home, the work (or private) computer forms part of the home network. From there, an employee should connect to the company’s own infrastructure through a cryptographically secure Virtual Private Network (VPN). This arrangement, however, both increases the attack surface and raises the probability that vulnerabilities will appear.
Cyber criminals evidently want to take advantage of this, as a look at e-mail providers suggests: Google as well as Web.de and GMX have reported significantly more phishing e-mails since the lockdown. In addition, the Federal Office for Information Security (BSI) is registering domain registrations related to Corona or Covid that can potentially be misused for criminal activities. The home office must withstand these and other cyber attacks, otherwise the entire company network is at risk. Companies can establish the necessary level of security in just a few steps. Among other things, it is important to bring home offices under vulnerability management.
Checking WLAN And Network Devices At Home
A poorly secured or unsecured WLAN makes it easy for hackers to attack with viruses or Trojans. Employees must therefore replace the default administrator password for their home WLAN with a new, strong password. Enabling WPA2 (Wi-Fi Protected Access 2) encryption is just as basic.
Even with these basics, internal IT should be ready to provide any support. Its support is also necessary to determine the security level of the home network and its connected devices. The fact is: the weakest link determines the security of the entire network.
Even the very old PC used by the children needs the current antivirus update so that it does not spread malware into the company network. Other important questions to be answered include: What is the release status of the router? And do employees strictly separate work and private use?
Rules And Technology For Data Exchange
Companies regulate how employees exchange and share data through role-based access rights. They have to transfer these rights to the user groups in the home office and adapt them accordingly. Technically, access to the required resources can be realized via VPN. However, security depends on how the “virtual security tunnels” are configured. If the VPN is set up so that purely Internet-bound requests from the home office go directly to a server on the Internet, one possible consequence is this: an employee who has the user right to download and install files from the Internet can infect the laptop with malware. This scenario can be prevented by directing all data traffic through corporate IT. In this case, the company firewalls take effect during the download.
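The two tunnel settings described above can be told apart from the laptop's routing table. The following added example (not part of the original article) parses Linux "ip route show" output and reports which Internet destinations would leave the machine outside the VPN; the interface names tun0 and wlan0, the sample tables and the probe addresses are constructed assumptions.

```python
import ipaddress

# Constructed "ip route show" output from a Linux laptop; tun0 (VPN) and wlan0
# (home WLAN) are assumed interface names, all addresses are sample values.
SPLIT_TUNNEL = """\
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.0.0.0/8 via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23
"""
# Full tunnel built from two /1 routes that take precedence over the default
# route, a pattern some VPN clients use instead of replacing the default.
FULL_TUNNEL = """\
0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23
"""

def parse_routes(text):
    """Return (network, device, metric) for every IPv4 route line."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if "dev" not in fields:
            continue  # blank lines, blackhole/unreachable entries
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.IPv4Network(dest, strict=False)
        except ValueError:
            continue  # IPv6 prefixes and non-prefix keywords are skipped
        metric = int(fields[fields.index("metric") + 1]) if "metric" in fields else 0
        routes.append((net, fields[fields.index("dev") + 1], metric))
    return routes

def egress_device(routes, addr):
    """Longest-prefix match; the lowest metric breaks ties."""
    ip = ipaddress.ip_address(addr)
    hits = [r for r in routes if ip in r[0]]
    return max(hits, key=lambda r: (r[0].prefixlen, -r[2]))[1] if hits else None

def classify(text, vpn_devs=("tun0",), probes=("8.8.8.8", "198.51.100.7")):
    """Probes cover both halves of the IPv4 space; they are never contacted."""
    routes = parse_routes(text)
    outside = [p for p in probes if egress_device(routes, p) not in vpn_devs]
    return ("split-tunnel", outside) if outside else ("full-tunnel", [])

if __name__ == "__main__":
    print(classify(SPLIT_TUNNEL), classify(FULL_TUNNEL))
```

A table in which only one of the two /1 routes is present is reported as split-tunnel, because half of the Internet address space would still bypass the company firewalls.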
Connect Home Office To Vulnerability Management
An important part of a security concept is efficient vulnerability management. It should also continuously scan home office environments for security gaps and suggest countermeasures such as configuration adjustments and patches.
A cloud-based solution such as the Greenbone Managed Service Platform (GMSP) scans home office networks for weaknesses quickly, easily and reliably. Beforehand, internal IT only has to create a new gateway on the cloud platform and make it available to the employee. The user then installs it as a virtual machine on the company laptop and starts the scan.
Ensure The Right Attitude In Technology And People
The way to a secure home network, and thus a secure company network, leads via a secure WLAN at home, role-based access rights, a correctly configured VPN to the company network and vulnerability management that constantly scans home office environments for sources of danger. In addition, companies must raise awareness among their employees so that they can also recognize clever phishing attempts and take appropriate countermeasures.