{"id":11363,"date":"2021-05-16T11:26:16","date_gmt":"2021-05-16T11:26:16","guid":{"rendered":"https:\/\/web3unplugged.io\/blog\/?p=11363"},"modified":"2021-05-16T11:26:21","modified_gmt":"2021-05-16T11:26:21","slug":"beware-of-the-return-to-office-how-organizations-can-protect-against-pandemic-sleeper-threats","status":"publish","type":"post","link":"https:\/\/web3unplugged.io\/blog\/beware-of-the-return-to-office-how-organizations-can-protect-against-pandemic-sleeper-threats\/","title":{"rendered":"Beware Of The Return To Office: How Organizations Can Protect Against Pandemic Sleeper Threats"},"content":{"rendered":"\n

By: Rick Vanover, Senior Director for Product Strategy and Dave Russell, Vice President of Enterprise Strategy<\/strong><\/p>\n\n\n\n

As organizations get closer to implementing return-to-work plans, most employees are excited about getting back into an office routine. They miss their colleagues, their favorite lunch spots, and the on-site corporate culture that can\u2019t totally be replicated over Zoom.<\/p>\n\n\n\n

IT administrators have a slightly different view. They miss all the in-office benefits, too, but for them the prospect of having employees all get back on the network after a year of remote working is a scary thought. The admins worry that, after a period of being lax about security, employees will bring compromised devices back to the office and expose the company to new threats.<\/p>\n\n\n\n

They may have a point. Work computers have played many roles during the pandemic \u2013 hosting everything from social gatherings to workouts, online learning sessions, home shopping and Netflix streams. Family members have borrowed Mom\u2019s computer to play online games, and passwords have been passed around. Cyber diligence has taken on a lower priority than it should have.<\/p>\n\n\n\n

Cyber criminals are well aware of how insecure employee environments have been. They struck with a round of phishing attacks during the spring 2020 lockdown period. Now, administrators are concerned that hackers might implant vulnerabilities in unsecure laptops and unleash them once employees reconnect with a wider array of resources inside the corporate network.<\/p>\n\n\n\n

Some companies did a good job getting ahead of security threats. When remote working became standard practice, some were able to issue company standard devices with regularly patched antivirus security. But the majority found themselves scramblingto enable quick and adequate working-from-home setups that didn\u2019t require regular updates, patches and security checks.<\/p>\n\n\n\n

A cybersecurity survey<\/a> conducted in February reflectsjust how unprepared enterprises appear to be for the return-to-work security threat. Of those surveyed, 61% used their own personal devices \u2013 not work-issued computers \u2013 at home. Only 9% used an employer-issued antivirus solution, and only 51% received IT support services while transitioning to remote workstations.<\/p>\n\n\n\n

Administrators are bracing for trouble. They\u2019re bringing large numbers of potentially unsecured devices back into the fold at the same time they\u2019re preparing to accommodate a new normal based on hybrid home\/office staffing. According to Veeam\u2019s Data Protection Report<\/a>, 94% of organizations in the Middle East increased their cloud services usage significantly as a result of remote work, and the trend is expected to continue, meaning there will be more endpoints to protect.<\/p>\n\n\n\n

So, how can organizations prepare for this transition? Here are a few steps they can take:<\/p>\n\n\n\n

Undergo rigorous return-to-work preparation<\/strong><\/p>\n\n\n\n

This is essentially the step where IT administrators physically go through all the affected resources and ensure they\u2019re ready to re-enter the game.<\/p>\n\n\n\n

Start by carrying out risk assessments for each employee and each device. Which devices have been patched and regularly maintained? Computers used for remote working are likely to have confidential company data on them; where has the company data been saved, and under which account? These checks need to be performed to minimize risk and make sure compliance standards like General Data Protection Regulation (GDPR) is being maintained.<\/p>\n\n\n\n

Also, check to see if employees have given away passwords to family members using work computers. Did employees change their passwords? Did they use the same passwords across work accounts and personal accounts? Did they install any new software or remove any during the remote work period? Administrators need to know before they let employees back on their networks.<\/p>\n\n\n\n

Next, make sure to scan all relevant devices for unauthorized apps and software. Employees needed to get creative with work solutions, so they may have tappedresources that help them get through everyday tasks but aren\u2019t up to security standards. Run endpoint detection<\/strong> scans on all returning devices to uncover any hidden vulnerabilities. Cybercriminals often target endpoints, so IT teams need to scan all corporate and personal employee devices that will be brought back to the network.<\/p>\n\n\n\n

Improve employees\u2019 digital hygiene<\/strong><\/p>\n\n\n\n

While employees may have let their proverbial hair down during remote work, they\u2019ll need to rededicate themselves to proper digital hygiene. Push them to use separate passwords for home and work devices. And make sure they\u2019re using conventions that are complex and hard-to-crack. Bring back regular trainings to ensure that they\u2019ll be able to spot phishing emails and other threats. Set up guidelines for using public wi-fi and for downloading materials. As employees return to work, it\u2019s up to the administrators to refine IT practices, one by one, to protect against the top threats in the organization.<\/p>\n\n\n\n

Monitor all activities<\/strong><\/p>\n\n\n\n

The best way to spot problems is to set up a system to flag them as they happen. This practice can be applied to workers\u2019 tools \u2013 and behaviors \u2013 as they reintegrate themselves with all of the company\u2019s applications. Take advantage of monitoring tools that track changes in usage and applications. If an employee makes a change in an application, you\u2019ll want to know. It could be a bug altering a piece of code. Or it could be a change that you made \u2013 purposefully or inadvertently \u2013 that you\u2019ll want to reset. Get in the habit of checking your monitoring tools at least a couple of times a day. It takes a minute, but it allows you to continually reassess your cybersecurity footprint.<\/p>\n\n\n\n

Ensure cloud data management and backups are sound<\/strong><\/p>\n\n\n\n

This is a time for IT administrators to make sure all data management and backup services are in good order. If a rogue device does put any data at risk, you\u2019ll want to make sure to have backups in service and programmed with practices that will ensure that the data in question is protected and fully available. Keeping the so-called \u201c3-2-1 rule\u201d in mind: Make sure to maintain at least three copies of business data, store critical business data on at least two<\/strong> different types of storage media and keep one copy of the backups in an off-site location. To that, in the ransomware era, we\u2019d expand 3-2-1 to 3-2-1-1-0: Adding another one to the rule where one of the media is offline, and ensuring that all recoverability solutions have zero errors.<\/p>\n\n\n\n

Conclusion<\/strong><\/p>\n\n\n\n

While IT administrators are looking forward to water-cooler talk and on-site collaboration as much as anybody else, they\u2019re understandably concerned about the cybersecurity implications of a more broad-based return to work. It could be a challenge. But with proper planning and follow-through, enterprises can manage the risk and solidify their strategies for protection going forward.<\/p>\n","protected":false},"excerpt":{"rendered":"

By: Rick Vanover, Senior Director for Product Strategy and Dave Russell, Vice President of Enterprise Strategy As organizations get closer to implementing return-to-work plans, most employees are excited about getting back into an office routine. They miss their colleagues, their favorite lunch spots, and the on-site corporate culture that can\u2019t totally be replicated over Zoom. […]<\/p>\n","protected":false},"author":1,"featured_media":11366,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"none","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-11363","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"rttpg_featured_image_url":{"full":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1.jpg",900,699,false],"landscape":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1.jpg",900,699,false],"portraits":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1.jpg",900,699,false],"thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1-150x150.jpg",150,150,true],"medium":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1-300x233.jpg",300,233,true],"large":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1.jpg",900,699,false],"1536x1536":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1.jpg",900,699,false],"2048x2048":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1.jpg",900,699,false],"post-thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1.jpg",541,420,false],"graptor-sq-xs":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Rick-Vanover-and-Dave-Russell-1.jpg",100,78,false]},"rttpg_author":{"display_name":"admin","author_link":"https:\/\/web3unplugged.io\/blog\/author\/admin\/"},"rttpg_comment":0,"rttpg_category":"Uncategorized<\/a>","rttpg_excerpt":"By: Rick Vanover, Senior Director for Product Strategy and Dave Russell, Vice President of Enterprise Strategy As organizations get closer to implementing return-to-work plans, most employees are excited about getting back into an office routine. They miss their colleagues, their favorite lunch spots, and the on-site corporate culture that can\u2019t totally be replicated over Zoom.…","_links":{"self":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/11363","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/comments?post=11363"}],"version-history":[{"count":1,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/11363\/revisions"}],"predecessor-version":[{"id":11367,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/11363\/revisions\/11367"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media\/11366"}],"wp:attachment":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media?parent=11363"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/categories?post=11363"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/tags?post=11363"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}