Prior to COVID-19, a large portion of the workforce conducted business the traditional way—on a proper desktop computer at the office. Sure, they may have toted their laptops along on the occasional business trip or vacation, but the Coronavirus ultimately forced a new cohort of employees to regularly work from home for the first time, resulting in a growing surface area of data to protect from cyber-attackers.
As workers become more comfortable in their new remote routines, it’s important to ensure they don’t let their guard down when it comes to storing and sharing company information.
MORE SURFACE AREA MEANS MORE TO PROTECT
Data sprawl is one of the many risks associated with a remote workforce. As you’re already aware, the more devices, networks, and cloud-based services an employee uses, the more holes cyber attackers can find to poke and probe.
Let’s look at how easily a breach can happen in a typical work-from-home environment: You’re working on a large presentation in your firm’s cloud, but your entire household (and potentially neighborhood) is consuming bandwidth, creating issues that decrease your productivity. To speed things up, you decide to download the presentation and save it locally to your desktop. When you finish the project, you upload a new version to the cloud to share with your team.
Later that night as you watch a movie with your family, your teenager remembers he forgot to send an email. Your laptop is closest to him, so he uses it to open his Gmail. As he clicks through the slew of emails that landed in his inbox that day, he inadvertently opens an attachment that leads him to a phishing site.
Now, that presentation you stored locally is up for grabs, making your entire firm vulnerable to a data privacy breach.
PREVENTING & DETECTING ANAMOLOUS ACTIVITY
This scenario could have been avoided if you had adhered to the following protocol:
- Never share company-owned devices (including laptops, desktops, and mobile phones) with anyone, including family.
- Don’t store information after it’s no longer needed. If employees must download a file locally because of the operational need—a situation we’ve all found ourselves in—it’s important to store the data in one area only and purge it when finished.
But as we’ve said before, instructing your employees on what not to do isn’t always enough. Agio’s engineers attest to the fact that it only takes seconds for attackers to enter a system, and the time it takes to steal what they need can be measured in hours. This means that when it comes to protecting your firm’s data (and its dollars), it’s imperative to implement a service that will monitor and mitigate threats like the one you just experienced, in real time.
Data sprawl—and its inherent risks—will exist so long as employees continue to work remotely. A Managed Detection & Response (MDR) program identifies and alerts users to abnormal activity in company endpoints. If attackers do gain access to employee devices, anomalous activity detected by the MDR platform will indicate the activity warrants further inspection.
Agio’s team of engineers have industry-specific expertise when it comes to detecting and defending against threats. Contact us, we can help.