How to protect yourself and your company from cyber attacks when working from home

Imagine this: You were working from home and left the front gate unlocked after returning from a morning grocery run.

Just as an unlocked entrance is inviting to criminals, having your computer inadequately unsecured is akin to leaving your doors wide open to malware attacks and hackers.

As workplaces across the globe, including in Singapore, move toward a hybrid work model that combines remote work and office time, the accelerated adoption of personal devices for work will continue.

The explosion in the remote and home-based use of end-user devices, which include laptops, point-of-sale terminals, and Internet-of-Things (IoT) gadgets, means the security risks associated with them are heightened as well. Think having more than one point of entry to your home - and having to ensure that each is secured at all times.

"When there is a huge explosion of end-user devices, such as computers outside of the corporate network, there is an increased risk from a security point of view, says Mr Gene Ng, regional vice president of Asia Pacific and Japan at BeyondTrust.

If a breach happens, sensitive and confidential data could end up in the wrong hands. "Endpoint devices are where the data is. Think of intellectual property, military secrets, personal data, and healthcare information. That is why endpoint security is very critical," says Mr Ng.

GET BT IN YOUR INBOX DAILY

Start and end each day with the latest news stories and analyses delivered straight to your inbox.

Sign UpVIEW ALL

What happens when the endpoints are not secure?

According to a study last year, seven in 10 successful data breaches started at the endpoint. This year, Covid-19 has multiplied the number of insecure endpoints that are susceptible to remote attacks. Many of these involve personal devices, or BYOD (Bring Your Own Device), which may not be adequately hardened. Home-based workers may also be connecting to work servers via insecure protocols.

As the economy reopens and more Singaporeans return to the office, many business owners are still trying to figure out the best way to facilitate telecommuting while ensuring that the fast-expanding remote access connections and growing numbers of endpoints are protected against possible breaches.

"Endpoint security ensures devices do not become a launching pad to start an attack, and cause malicious threats to spread to the entire network and to other endpoints," Mr Ng explains.

Yet, business owners need to be mindful about having too many security protocols. "Your employees will get a poor user experience, and your IT desk may be overwhelmed with complaints," Mr Ng adds.

Five steps to complete endpoint security

What should business owners do to ensure that the endpoint devices are secure and that their employees are aware of the importance of keeping their devices secure?

Mr Ng lists five key steps businesses should take to implement an effective endpoint security strategy.

Step 1: Install antivirus software

"The first step is the protection against malware. This is the most basic step, and a solution like antivirus software, which most companies have, helps to address that," says Mr Ng. Unfortunately, 60 per cent of attacks today are missed by antivirus software, he adds, which paves the way for the next two steps.

Step 2: Reduce administrative rights

This step involves the removal of excessive superuser privileges, also known as administrative rights, advises Mr Ng. Superuser capabilities can include uninstalling or disabling security tools, downloading or executing malicious software that can trigger malware attacks, and even adding or altering permissions for other users. Restricting admin rights is one of the most effective ways to prevent and reduce the harm of malware attacks, and can be performed using Endpoint Privilege Management (EPM) software.

Step 3: Control application usage

This step involves both the control of applications and the blocking of malicious code. Using Endpoint Privilege Management software, companies can determine what applications can be run. "By blocking certain applications, we can stop attackers from executing inappropriate commands or launching malware at endpoints," says Mr Ng.

Step 4: Keeping a watchful eye on potential threats

Continuous monitoring and detection of harmful activities make up the fourth step. This step aims to help address any threats that may have bypassed the first three steps, adds Mr Ng.

Step 5: Decide if additional security layers are needed

The final step comprises the implementation of additional measures, decided upon a case-by-case basis. Some of these measures include endpoint vulnerability assessments, or endpoint detection and protection platforms.

How BeyondTrust Endpoint Privilege Management can help

BeyondTrust Endpoint Privilege Management is a preventative endpoint security solution that combines dynamic control over privileged access and administrative rights with advanced application control. This solution protects your endpoints against both external and internal attacks, while enabling users with the precise rights and access they need to be successful in their roles.

"Our solutions automatically grant users accessibility to certain applications, based on their profile. For instance, if they have medium level or advanced level access," says Mr Ng.

The BeyondTrust solution also features passwordless administration, which grants temporary access to authorised users if they wish to perform a certain task. This eliminates the need for creating passwords, which reduces management complexity as well as risk from potential password-based exploits.

BeyondTrust's Endpoint Privilege Management solutions can help you meet your needs via both on-premise and cloud-based deployments.

Visit BeyondTrust's website to find out more about how you can secure your end-user devices against malware, access abuse, and intellectual property theft.

Brought to you by