Introduction
The pandemic has taken a toll on our lives, ranging from annoyance to tragedy. It’s been a learning process for all of us around how we can stay as safe as possible, while still going about our daily lives, maintaining physical and social health, in addition to doing our jobs.
Remote workforce monitoring is on the mind of every security practitioner even as organizations transition back to work. The challenges of a remote workforce are vast, but among the most alarming is the lack of visibility. Censys provides visibility into home networks that may not be protected by your firewall or company VPN.
Security Challenges Amid a Remote Workforce
For the workforce across the country that “transitioned” to remote working overnight, cybersecurity risks skyrocketed with IT teams pivoting to accommodate new requirements and needs for their organizations. Criminals are never far behind the latest trend and cybercriminals and other malicious actors are no different. As we pivoted remotely, they too pivoted and reset their focus on the vulnerabilities of many home networks, due to a lack of urgency or technical knowledge on the homeowner’s part to protect them. They’ve used them to hide out, stage attacks, learn, and steal personal information. But now that so many have turned to remote work, these home network vulnerabilities have a new value for attackers – working their way to corporate assets via unsecured home networks.
Organizations unfamiliar to a dispersed workforce, one that uses home networks and Internet service providers to accomplish business tasks, have largely been scrambling to find a way to keep their employees and data safe. Many have turned to Virtual Private Networks, or VPNs, to create an encrypted tunnel for their workers to use. However, these are difficult to force workers to use, can slow down network traffic, turn off without warning leaving workers’ assets exposed or create the inability to do their jobs. In addition, logs don’t always provide the assurances that workers are using them appropriately or the intended manner. Plus, many workers can still access the same assets without the VPN and requiring mandatory VPN to access corporate assets can be a long, costly, and complicated process. Other models like single sign on (SSO) or zero trust are options, but these also require significant planning and resources to enable, so for smaller, less experienced organizations, they really aren’t options at all in the near term.
Mitigating Home Network Risks
So, where are we at? A remote and potentially exposed workforce. Attackers poised to exploit the situation. And limited resources. What can organizations do today to reduce their risk?
1. Using security controls like VPNs or Single Sign On with 2-Factor to access organization assets (email, databases, file servers) without.
By using the Censys Attack Surface Management Platform and our Home Network Risk Identifier (HNRI), organizations can quickly see exposures and start to make calculated business decisions such as moving access to organizational assets behind mandatory security controls. The decision to reconfigure an organizations’ assets behind a VPN or institute a full zero trust or SSO security model requires informed, data-driven visibility into how many workers are exposed, potential vulnerabilities, and an understanding of how often these issues occur. Modifying certain attack surface management controls on corporate-owned assets being operated from home is the first step.
By leveraging our Universal Internet DataSet, as well as a host of other open source information feeds, options like the Censys Home Network Risk Identifier (HNRI) allow organizations to gain critical visibility of assets exposed to the Internet, what software vulnerabilities or configuration risks they may be presenting, and integrate into your existing workflows to begin remediation actions.
2. Using a VPN, but acknowledging challenges to usability and the potential for malfunction.
Maybe you have some great security controls and policies in place like using VPNs, but too often VPNs are not enough. Problems such as privacy concerns may cause some employees to avoid constant VPN use, while others might lack the technical ability to operate correctly. Some staff may feel it slows them down or is inconvenient and other times VPNs may malfunction. Whatever the reason, your organization is now investing in a security tool that is not protecting your organization enough. In fact, it may even be providing a false sense of security.
Only the best visibility can detect all of these issues and inform your security team of such unaddressed issues. Censys ASM Platform is built on top of the best Internet-scan data to provide you evidence-based, data-driven security and risk management.
3. General lack of awareness around vulnerabilities in the home network that could even allow for attacks on smart devices with the potential impact on organization assets and data.
We’ve all been there (including me). We change default passwords on our Internet service provider routers, close unnecessary ports, protect home smart devices with an advanced security router, but inevitably, a manufacturer sends an update that undoes our work or we miss something. That’s why HNRI exists. Finding assets exposed to the Internet that shouldn’t be or remote administration ports can cause major complications and damage to the company, as well as significant consequences to the individual. You can arm your employees, or your blue team, with the ability to make critical and necessary improvements to your risk management function to make everyone’s lives safer.
Not only can this data be helpful to solve security problems, but it can also be an invaluable tool to inform business decisions on asset change management, such as requiring a VPN to access corporate assets, using an SSO solution, architecting a zero-trust model, or exploring other centralized access. Additionally, such data can inform the purchase and implementation of other security controls like enhanced endpoint detection and response agents or user behavior anomaly detection options. For more on good home network security, check out a great resource published by CISA.
Protect your Employees at Home
The point is, like with any risk management function, we can’t protect what we can’t see. And while we’re glad our workers are more physically safe at home, their networks often are not. This means organizations’ assets could be at greater risk than pre-pandemic times. The Censys ASM Platform includes critical remote workforce management tools like HNRI to provide IT managers and security teams an accurate view of what’s exposed, when it’s exposed, the types of vulnerabilities and misconfigurations that can cause problems down the line. Not only will your company stay better informed, but they will also be able to better manage this risk with seamless integrations into your existing workflows. Our automated tooling can empower change for truly greater security.
For more information about HNRI or to get a demo with Matt today, contact us!
