The security risks of home office, VPNs, teleworking and desktop virtualization during a crisis.

Ulrich Fleck, Chief Revenue Officer SEC Consult Group

Due to the necessary measures implemented by governments around the world to contain the COVID-19 pandemic, the way you work and share with your colleagues may have changed dramatically in the last few days and will remain so for a few weeks. And that’s not all: cybercriminals are using the current situation to their advantage. The danger posed by malware-laden maps of the coronavirus spread or by malicious emails is overlooked in the current turmoil. Not even health facilities are currently being spared. We will see CFO/CEO fraud attempts very soon.

In particular, the current need for employees to work from home is changing the way we depend on teleworking technology. It should, therefore, be the current focus of your attention:

  • Remote working was not widespread, or was even a no-go, in your company, and suddenly a majority of your employees are forced to place their remote desktop clients with highly sensitive data into their home network – a completely unknown, uncontrollable network – side by side with smart assistants, vacuum robots and possibly obsolete and unmanaged network components.
  • Your endpoint protection suddenly loses visibility of most of your clients.
  • Desktop virtualization solutions are rolled out for all employees in a hurry to provide them with an efficient way to work remotely – without worrying about the details of hardening the configuration.
  • VPN access is made available to everyone, without taking a closer look at the configuration. Is it a good idea to route all traffic from the home offices to the internal network? On the other hand, a shared VPN could make sensitive data such as patents accessible to attackers.

Specific situations call for specific measures

SEC Consult can help you in this special and new situation:

  • Review and hardening of the configuration of typical home office solutions
    • Virtual clients
    • Virtualized desktops
    • Teleworking infrastructure
  • Home workstation assessment, including port scans, vulnerability assessments and a risk assessment based on the other devices on the home network
  • Best practices for home office VPN configuration, including configuration verification and assurance
  • Assessment of potential new VPN solutions that have recently been introduced

All these projects can be carried out remotely and at short notice by one of our security consultants.

Considering our usual approach to security testing, this may seem a bit superficial, but eliminating missing patches, configuration errors and other faux pas is an important first step.

It will also be useful to prepare an appropriate cleanup plan: when the situation improves as the COVID-19 pandemic and related measures progress, and employees return from their home offices to their regular offices, there is a risk that they will bring potentially harmful “baggage” with them into the internal corporate network.

And in the event that you become the victim of a cyberattack during this particularly sensitive phase – our SEC Defence Blue Team is on duty and ready to assist you with incident response, incident handling or forensic measures.