OUT OF SIGHT, out of mind, the saying goes. Thanks to COVID-19, however, most channel pros are positively obsessed with what they can’t see these days.
That’s because their clients are still mostly working remotely, beyond the reach of the email gateways, content filtering systems, firewalls, and other technologies that protect them at the office. “Once users are out of that environment and they’re using their devices at home, we no longer have any visibility or control,” says Stanley Kaytovich, director of operations at QWERTY Concepts, an MSP in Piscataway, N.J.
Cybercriminals, moreover, are well aware of that fact. Indeed, malware attacks generally jumped 358% in 2020 and ransomware attempts specifically rose 435%, according to endpoint and mobile security vendor Deep Instinct, due in part to the rise of work-from-home (WFH) computing.
Confronted without warning last spring by the coronavirus pandemic, IT providers improvised remote work arrangements for their customers in a hurry. They’ve been refining the security measures they put in place in those same hectic days ever since. Along the way, they’ve learned a lot about what makes WFH security unique and how best to construct a layered work-from-home security strategy.
Inadequate visibility and control are just part of what makes securing home-based employees so difficult. Their ever-changing, unpredictable hours as they juggle childcare with work make the pattern analysis many security solutions rely on to distinguish normal from suspicious user behavior difficult as well.
Worse yet, many SMBs have been relying on Microsoft’s Remote Desktop Protocol to connect homebound employees with office resources despite RDP’s well-known vulnerabilities. In fact, security software maker Kaspersky observed a 242% leap in brute force attacks against RDP in 2020. “Honeypot” servers set up by researchers at security vendor Sophos last year, meanwhile, received a median average 467,000 RDP login attempts each over a 30-day period. That’s about 600 an hour, or one every six seconds.
Unauthorized apps have been a continual headache too, according to Lawrence Cruciana, president of Corporate Information Technologies, a provider of security and managed IT services headquartered in Charlotte, N.C. For example, he notes, users have been holding meetings on conferencing solutions other than approved systems like Teams and Zoom. “We started seeing that kind of blossom in software audits,” he says. “There were some we’d never even heard of.”
The worst problem of all, though, is also the most familiar to channel pros: users doing business on home PCs with consumer rather than business-grade security software onboard, or perhaps none at all. Making matters thornier, remote workers often switch back and forth between corporate and personal devices at will—and without notifying their employer.