Despite a return to the office for certain workers, teleworking is still recommended when possible to continue the fight against the pandemic. However, this model must be accompanied by the implementation of more supervised cybersecurity rules, in order to protect employees and businesses. Since the start of the health crisis, many teleworkers have had to juggle family obligations and use personal devices and unsecured home networks to work and browse the internet. Unfortunately, they have unwittingly become weak links in the security of their business, especially those with privileged access. These are the gateways to an organization’s most valuable data, and are at the heart of all major data loss. One of the quickest and most effective ways to limit cyber risks is to set up privileged access management. Thus, an organization will be able to face the four major threats induced by telework: the internal threat; cloud environments; employee terminals; and, finally, the supply chain.
The internal threat – Our research reveals that 36% of employees surveyed concede to save passwords for their online accounts on their professional devices in an insecure manner. Additionally, they download unauthorized apps or share sensitive files through unprotected collaboration tools. While these activities are not malicious, they can still endanger data and systems. Cybercriminals are betting on the current crisis to target remote employees, suppliers and service providers with access to the corporate network. To do this, they use phishing and social engineering techniques. However, if the compromised user has privileged access to critical systems in his organization, all teams will be affected: system administrators and RPA, including IT teams and potentially the management committee. In addition, most of the threats emanating from the employees of an organization are accidental, but it can also be a disgruntled employee or former supplier who use unrevoked access rights to legitimately circumvent the measures of security. The objective of managing privileged access is then to give employees only the levels of access necessary for their mission. This ensures that activities initiated on the network are not malicious and, if they are, IT teams are able to act quickly and efficiently to prevent compromise.
Cloud environments – digitalization has accelerated with the COVID-19 health crisis: 68% of companies would accelerate this progression in order to give more possibilities to teleworkers. SaaS systems offer employees fast and optimized solutions for connecting, collaborating, backing up data and managing their tasks. All the more so, SaaS tools are easy to deploy, inexpensive and limit bulky equipment. However, companies do not always take into account the potential risks that this represents for their cybersecurity. Less than half of them have implemented a privileged access strategy to secure access to the cloud network. Confidential information is nevertheless kept in the cloud, access to which is high-powered. Given today’s challenges to ensure business continuity, security teams cannot afford to backtrack and resolve any problems that arise after deploying cloud services. By having privileged access management, organizations could correct this difficulty and benefit from a global and coherent approach. With an overview of risks and taking into account privileges wherever they exist, companies are becoming more efficient.
Employee terminals – With the increase in teleworking, securing employee positions is a huge challenge for businesses. Moreover, we have observed that 85% of French remote employees use personal terminals, generally insecure and connected to home networks with little or no protection; they also generally make little distinction between work and personal use of these devices. Teleworkers are a target of choice because a lack of vigilance can lead to accidental downloading of malware. Especially since many companies have granted local administrator rights to their telework employees, which allows them to download, install and connect to applications and software, without having to go through the teams in charge IT or network security. Thus, 53% of French employees have adopted communication and collaboration tools, such as Zoom and Microsoft Teams, which have recently reported security vulnerabilities. These local administrator rights are therefore extremely useful for cyber attackers, as they allow them to elevate themselves in privilege and gain access to sensitive data on the network. This is why it is advisable to remove the rights of local administrators and opt instead for the principle of least privilege, while providing flexible access in real time, so that remote workers can remain productive in complete safety.
The supply chain – The troubles caused by the health crisis extend beyond telework workers, and affect all third parties: suppliers, subcontractors, external consultants and service providers in the supply chain. In fact, 90% of companies grant third-party suppliers privileged access, so that they can connect to internal systems and can manage the data necessary for the proper functioning of their mission. However, these external users are not employees of the organization, which makes monitoring and securing their access often difficult. In addition, many of them also work remotely from insecure systems, which greatly increases the attack surface. Usually, companies use VPN solutions to provide access to employees. Only, in addition to not providing a specific level of permissions required to properly secure access, VPNs require middleware and passwords that add management work to already overworked IT teams. Innovations in the privileged access sector help to help companies overcome the difficulties encountered by authenticating users via processes such as biometrics and double authentication. These technological solutions allow companies to maintain a supplier workflow, reduce operational costs and significantly improve the cybersecurity strategy implemented.
A new normal has imposed itself in companies and has brought about a clear increase in teleworkers in organizations and within the various supply chains, thanks to a massive deployment of new services and tools. Managing privileged access is therefore essential to prevent data leaks caused by lax security measures. Hackers are tenacious, trained and innovative, so it is up to security professionals to persevere in implementing an optimal strategy. For this, a modern and comprehensive privilege management strategy is an excellent starting point.
By Mathieu Richard, commercial director at CyberArk