By Pete Nicoletti, Field CISO Americas, Check Point Software.

After two years of having our businesses and lives impacted by the pandemic, it appears that things are slowly getting back to normal. However, some changes are here to stay. One of them is the way we work. Working from home is clearly not just another fad; it’s the future!

Remote work has introduced a myriad of benefits, from time saved during commuting, to verifiably increased productivity. Today’s world requires us to be connected everywhere, no matter what application or device we are using. As a result, more security challenges are to be expected, as sensitive data continually flows from both corporate and home locations to the cloud and data centers, thus making the attack surface wider than ever before.

Many organizations rushed their digital transformations to support home based work, leaving behind a trail of security risks. Companies also did not anticipate the increasing numbers of attacks, the shifts in employee habits, BYOD implications, or insecure home networks, which have significantly impacted the security posture of businesses.

The cost of remote work: Two critical aspects

Although WFH has many benefits, it also comes with a cost.

One report showed that 20% of organizations experienced a breach because of a remote worker. This resulted in increased costs to the organization, with 24% of respondents in the report saying that they paid unexpected expenses to resolve the breach or malware attack.

When IBM released its Cost of a Data Breach report, it was revealed that the average data breach cost increased by over $1 million whenever remote work was a causal factor. Furthermore, it took organizations with a remote workforce 58 days longer to identify and contain the breach than office-based organizations.

Businesses must be aware of and address the two issues above. Remote work can result in more frequent and more costly breaches!

Remote corporate access stats

According to Check Point’s 2022 Workforce Security Report, 57% of organizations report that over half of their workforce works from home at least 2 days a week.

However, many organizations don’t or can’t enforce security policies that ensure maximum protection. Why? They need to allow employees to remotely access corporate applications in order to carry out their job responsibilities, and they don’t have the appropriate security controls. Seventy percent of organizations report allowing access to corporate assets from personal laptops and mobile devices, while only 17% reported limiting remote access to corporate laptops.

The statistics below convey how many organizations allow remote access to corporate applications:

  • 51% from personal mobile devices
  • 52% from personal laptops
  • 32% by third-parties
  • 6% do not allow any remote access

Furthermore, only 11% mentioned that they don’t use any methods to secure remote access to corporate applications (i.e. VPN, MFA, ZTNA, or device risk posture check).

Below are more statistics pertaining to how organizations secure remote access to corporate applications:

  • 73% use VPN connections
  • 46% use multi-factor authentication
  • 18% use Device risk posture check
  • 16% use Zero Trust Network Access

Businesses need to understand that their risks increase when BYOD devices are used and when employees connect over insecure internet connections.  Home WI-FI networks are rarely secured with the latest encryption and authentication methods, and hundreds of thousands of home users never change their default router password. Hackers set up fake wireless access points at the airport and coffee shops, and they can monitor transactions for valuable information and login credentials to use for their nefarious purposes.

Internet access security statistics

In 2021, Check Point Research discovered over 10,000 new malicious files and 100,000 new malicious websites every single day. That is a startling number. Unfortunately, 20% of organizations don’t use any methods to protect remote users who are browsing the internet, and only 9% use methods to protect against internet-based threats.

For the 9% of organizations that do protect remote users who are browsing the internet, here are they methods they use:

  • 55% use URL filtering
  • 49% use URL reputation
  • 41% use content disarm & reconstruction (CDR)
  • 31% use zero phishing
  • 17% use credentials protection

Hackers create www sites to look exactly like ones you know and trust.  You can’t trust your employees to know the difference.  Businesses need to protect their employees from internet-based threats.  The newest endpoint tools can be deployed on employee devices, cell phones, laptops, and tablets. They can keep the corporation safe without interfering with the private browsing and personal business that employees engage in.

Data protection statistics

Thirty-one percent of organizations don’t use any sound methods to prevent business data from leaking. This can result in catastrophic damages. Employees may unintentionally or purposely leak data, resulting in fines caused by non-compliance with regulations, losing a competitive edge due to IP breach, as well as incident response costs and reputational damage.

Here is how businesses prevent sensitive data from leaking:

  • 43% use disk encryption on endpoint devices
  • 42% scan email and office apps for sensitive data
  • 30% scan files for sensitive content

The above stats reveal that businesses are not doing enough to protect their information…especially since the tools are no longer hard to install or manage…and are inexpensive!

Lack of ransomware protection and no mobile device defense

Twenty-six percent of organizations don’t have an endpoint solution that can perform any of these essential functions: detection and stoppage of ransomware attacks, quarantining of the infected endpoint, and recovering ransomware encrypted files.  Last year, ransomware attacks increase by 93% year-over-year, so this threat is not to be taken lightly.

Not too long ago, threat actors introduced triple and quadruple extortion ransomware attacks, so it’s absolutely critical that organizations improve their anti-ransomware capabilities.

Furthermore, only 12% of organizations that allow corporate access from mobile devices use a mobile threat defense solution. Mobile devices have become so commonplace that hackers use every vector they can to phish employees or install malicious mobile applications.

How to immediately improve security without buying anything: policy training!

When you look at the statistics above, it’s clear that a remote workforce security solution is absolutely necessary. However, it takes time to buy a solution and get it set up. So what can you do today in order to improve defenses?

Simply require your employees to not re-use corporate passwords on non-corporate web sites.

I have a crazy story to share: When I was a CISO at a previous organization, on my first week on the job, the Ashley Madison hack took place. After I downloaded the purloined database of names, e-mail addresses, and passwords, I cross-checked them with employees that used their corporate e-mail address, and compared the password used on Ashley Madison with their company AD password. And I found over 200 cases of password re-use!

This could have been devastating to the organization as anyone could have used those stolen credentials to log into the corporate network and to access their suite of tools.

All of the employees should have followed policy and not used company credentials on external sites…. But we had no way of enforcing this policy.  The newest end point tools can eliminate this risk.

Conclusion

Organizations and employees have embraced remote work as a new way of business life. However, organizations still need to work on improving their defenses to secure remote users and their access.  As we have outlined above, the stats are not encouraging and are leading to an increase in breaches. Business executives need to work with their security teams and trusted advisors to ensure they are protecting end users and their connections to business resources.

Check Point Harmony is the industry’s first unified security solution for users, devices, and access. The solution provides organizations with the most comprehensive and robust workforce security, by consolidating five security products to provide complete protection for remote users – all in a single solution that is easy to use, manage and buy.

Harmony offers an alternative that reduces the overhead and complexity involved in using multiple solutions from multiple vendors. The solution is easy to manage, providing a unified and intuitive cloud-based management, and enabling user-centric security policies to be applied across the organizations’ environments. Lastly, Harmony is easy to buy with a simple and all-inclusive per-user subscription pricing model. Learn more about Harmony here:

For more insights from Pete Nicoletti, click here. Lastly, to receive cutting-edge cyber security news, insights, best practices and analyses in your inbox each week, sign up for the CyberTalk.org newsletter.