Distributed teams with remote workers, mobile employees, and multiple office locations face unique security challenges. The larger variety of devices, network infrastructure, and possible working locations all contribute to a wider attack surface that needs to be managed accordingly.
Employees need to have access to data in order to perform their roles and enable remote collaboration with their team members. Without a designated office space and equipment, ensuring secure remote access to sensitive data becomes a top priority for security professionals.
While technologies such as enterprise VPNs and remote access software can provide employees with secure access to the files they need, they can’t be relied upon as the sole source of data security. Even with an encrypted VPN connection, a compromised endpoint device can become an access point for threat actors to infiltrate the network. A layered security approach is needed to provide employees with remote access to data while mitigating the risks associated with their devices.
Even with secure remote access options, employees may negligently capture data and transfer it to unsecured channels if the speed of the remote access technology isn’t up to par. Network administrators can disable file transfers and copy/paste operations in an attempt to mitigate this risk, but employees can still capture data with desktop recording software and by taking screenshots.
If remote access to data is required, the security infrastructure needs to include methods for validating the credentials of users that are connecting to the internal network and methods of limiting access permissions based on the employee’s risk level and the requirements of their role.
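One way to combine credential validation, role requirements, and endpoint risk into a single access decision is sketched below. This is an added example, not code from the original article; the role names, data classes, risk scoring, and thresholds are all hypothetical.

```python
from dataclasses import dataclass

# Hypothetical policy data: what each role needs, and how sensitive each class is.
ROLE_NEEDS = {"finance": {"public", "internal", "financial"},
              "support": {"public", "internal"}}
SENSITIVITY = {"public": 0, "internal": 1, "financial": 2}

@dataclass(frozen=True)
class Session:
    role: str
    mfa_passed: bool      # credentials validated with a second factor
    managed_device: bool  # company-provided and monitored, not personal (BYOD)
    local_admin: bool     # user holds admin rights on the endpoint

@dataclass(frozen=True)
class Decision:
    mode: str             # "full", "restricted" (view only) or "deny"
    file_transfer: bool
    clipboard: bool
    reason: str

def device_risk(s: Session) -> int:
    """Constructed scoring: unmanaged endpoints and admin rights add risk."""
    return (0 if s.managed_device else 2) + (1 if s.local_admin else 0)

def decide(s: Session, data_class: str) -> Decision:
    if not s.mfa_passed:
        return Decision("deny", False, False, "credentials not validated")
    if data_class not in ROLE_NEEDS.get(s.role, set()):
        return Decision("deny", False, False, "not required by role")
    risk, sens = device_risk(s), SENSITIVITY[data_class]
    if risk == 0 or sens == 0:
        return Decision("full", True, True, "low risk or public data")
    if risk >= 3 and sens >= 2:
        return Decision("deny", False, False, "endpoint risk too high for this data")
    # Middle ground: view in the remote session, but block the export paths.
    return Decision("restricted", False, False, "view only on risky endpoint")

if __name__ == "__main__":
    # Constructed sample: a support employee on a personal device with admin rights.
    byod = Session("support", True, managed_device=False, local_admin=True)
    print(decide(byod, "internal"))
```

The "restricted" mode only closes the file transfer and copy/paste paths; screenshots and desktop recording remain possible, so it reduces exposure rather than removing it.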
The prevalence of mobile devices and the wider variety of working locations introduce significant physical security risks for distributed teams. Whether employees are working from home, out of a shared co-working space, or while travelling, they are unlikely to have the same degree of physical security measures as employees in a traditional office.
The prevalent use of personal devices among distributed teams comes with a high degree of risk. While some of these risks may be addressed by measures outlined in a formal Bring Your Own Device (BYOD) policy, IT security teams simply cannot ensure the same level of protection for personal devices as they can for company-provided devices.
Employees who work from home and connect to the internet using their home networks are also more vulnerable to external threats. Remote employees may not be proactively securing their networking hardware against common weaknesses such as default remote access credentials, which allow threat actors to carry out Man-in-the-Middle (MITM) attacks.
Employees who are using personal devices have unfettered access to admin privileges, which creates a significant opportunity for unmanaged software and hardware to become an endpoint security vulnerability. The endpoint devices of distributed employees can also be connected to notoriously insecure consumer IoT devices, devices of other household members, and several other internet-capable devices that cannot be managed by the corporate IT department.
While company-provided devices can be readily monitored and managed, they are not immune to shadow IT vulnerabilities. Even without admin access, end-users can retain access to several shadow IT programs through the use of web portals that offer similar functionality. While the use of a web filter can block access to these programs, distributed teams will also need to place a significant emphasis on developing a knowledgeable and security-driven workforce to further mitigate shadow IT risks.
Employees who are working from home are likely to inadvertently increase their security risks by letting their defenses down. Security teams and leadership need to work with distributed employees to ensure that security is prioritized as a company-wide responsibility and not simply a task for the IT department to manage.
Maintaining a security culture is much easier when employees are in constant contact with their coworkers and other members of the company. Employees in a distributed team need to be provided with consistent messaging that focuses on their data security responsibilities, the actions they can take to maintain the security of their devices, and the common threats that they can expect to face.
The employee offboarding process presents significant data security risks. Employees have intimate access to corporate data, insider knowledge of the organization’s systems, and a level of trust that can allow them to steal data undetected.
These vulnerabilities need to be addressed as part of any insider threat management program.
The unique security challenges of distributed teams largely stem from the difficulty of implementing and enforcing the critical security controls that are in place in traditional office environments. These challenges can be addressed with careful consideration for how remote-compatible technologies and procedures can be used for authentication, secure file access, and enforcing cybersecurity best practices. Where the provision of carefully monitored and managed devices is not feasible, security teams will need to work within the limitations of personal devices and address the added risks.