5 steps to mitigate the IT risks of employees returning to the office

Scott Dodds, CEO, Ultima, shares his five key tips on how organisations can avoid IT risks as their employees return to the office safely.
Scott Dodds, CEO, Ultima, shares five key steps that organisations should follow before welcoming employees back into the office en masse to avoid IT risks.
ployees return to the office safely.

Finally, reaching the end of lockdown brings a new call for people to return to the office part-time or full-time. While this might be an exciting development for many, businesses need to be aware of the IT risks the office return poses. 

Understanding the threat landscape We see the highest incident of threat risks from malware like Emotet, Trickbot, Zbot and GuLoader, whereby attackers infiltrate and secure remote access to machines. In addition, hackers are becoming increasingly clever at fooling employees and are prepared to dwell for a lot longer on the machine to wait for the right moment to attack. 

While these are not new types of threat, we see that the hackers are using more advanced and persistent tactics to work out how to gain more information on how the machine is being used. They aim to gain domain admin access and ransomware a whole corporate network, as it is a proven and lucrative avenue. 

The main risk for corporations right now is that when a homeworker returns to the office with a dormant infection on their machine, it’s no longer a problem solely for the individual. Instead, this infection can spread laterally across the whole corporate network like wildfire creating a cyber disaster capable of causing significant reputational and operational damage. 

We’ve seen these sorts of methods commonly delivered to endpoints, which makes endpoint security-critical. Unfortunately, the traditional way that many companies defend their network perimeter is no longer fit for purpose, but what can be done in both the short and long term to mitigate these risks? 

1. Providing the proper education and training for employees 

In the short term, it’s essential to focus on staff training as employees are an organization’s main point of weakness when it comes to cybersecurity. Every employee must understand the role that they play in protecting the company perimeter. 

Let’s look at why home worker’s systems are vulnerable. During lockdown, employees have been swapping between corporate and home devices, using USB media, sharing corporate devices with other family members, accessing their own IoT devices, and all across a flat network. This is a problem because flat networks don’t have the same level of protection as corporate networks. The likelihood is that this flat network will not have such a stringent patching cycle as a corporate network. 

It also won’t have the same level of security protection that a corporate environment would have. For example, the level of protection on a corporate device outside of the corporate network often lacks the next-generation detection and prevention technologies used to combat malicious URLs in email messages or suspicious downloads. Furthermore, if a home user does become infected, they probably can’t remediate the situation without the same service desk, and TechOps support they’d have in the office. When employees chop and change between corporate and home devices, it increases risk, making the corporate network vulnerable. 

While security education is the first step; it’s also important to be mindful that many devices at home will have been shared with other people who may lack any cyber awareness. Therefore, other precautions must be put in place. 

2. Ensuring devices are ‘clean’ and free from malware on return to the office 

Upon returning to the office, scan all computers and endpoint devices brought back onto the corporate network. Examine each device for new apps and programmes added and either validate or remove them before allowing them to connect to the corporate system.  

Remember, it’s not just laptops and smartphones that need scanning for vulnerabilities; USB devices and peripherals such as printers will also require the same scrutiny. 

3. When and how to leverage EDR 

Looking ahead, many organizations understand more about the tools that will enable them to operate securely and remain resilient, irrespective of whichever external event may impact them next. 

The next generation of Endpoint Detection and Response (EDR) software focuses on tactics, procedures and behaviour-based detection. It has inbuilt machine learning on machines and in the cloud, which is based on signatureless detection – this is necessary to detect and stop most threats we are now seeing. Unfortunately, our research shows more than 60% of companies don’t have EDR or next-gen anti-virus on their end devices. Some don’t know they need it; for others, they are tied into long licenses with companies that don’t offer EDR yet. 

As the network of endpoint devices increases, so too does the data that comes from them. Extracting this data can provide a ‘God’s Eye’ view of an organization’s infrastructure. This requires a specific toolset to help make sense of the data and to leverage it effectively. To summarise, an EDR platform can take in extensive event logs, providing visibility and data to efficiently defend an organization’s estate. 

4. Ensuring patches are up to date 

A significant proportion of external breaches are due to unpatched vulnerabilities. An inadequate patching regime can have catastrophic consequences on systems, personally identifiable information, and intellectual property. Just look at the repercussions many companies felt with the recent Microsoft Exchange vulnerabilities. In the attacks observed by Microsoft, the attacker used these vulnerabilities to access on-premises Exchange servers, which enabled access to email accounts and allowed installation of additional malware to facilitate long-term access to victim environments. 

Often de-prioritized in favor of more pressing activities, patch management as a discipline plays a crucial role in an organization’s ability to fend off threats while improving stability and functionality. But this can now be automated with a Managed Patch and Compliance Service, allowing an organization to focus on other business areas. The patch service will provide critical updates to security hotfixes and keep all servers, applications and endpoints patched per a pre-defined schedule and ruleset. Automated reporting also offers real-time visibility, fulfilling even the most rigorous compliance obligations of highly regulated industries. 

What are the merits of outsourcing your IT to take advantage of the latest cybersecurity protection? 

Many businesses enlist the help of a Managed Service Provider (MSP) but often find that the company provides little value beyond incident alerting. It doesn’t adapt quickly enough to the evolving threat landscape. 

It’s worth finding an MSP with a Managed Detection and Response (MDR) toolset that operates on an outcome-focused approach. This will deliver the actionable insight organizations need to proactively detect current and emerging threats and respond rapidly to incidents. An MDR service supplies the tools needed to detect and respond to threats and the people to deploy, configure and monitor them. 

An MSP with an MDR toolset will assess the network environment and leverage the different technologies that fit its specific needs. It will combine multiple tools sets, including Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) tools, providing a bespoke suite of products according to the environment, whether public or hybrid cloud or on-premise. This approach is essential when dealing with a diverse organizational structure where an out-of-the-box solution will not be fit for purpose. 

To minimize cybersecurity risk, identifying and responding rapidly to attacks is essential, as is having timely patches in place. Without a detailed awareness of activity inside the organization’s network, it can be impossible to know if systems and data are in danger of being compromised. 

Outsourcing to an MSP with MDR and patching solutions is much more cost-effective when bringing together a suite of products that serve various elements. Best practice would be to choose an MSP who understands the market and uses best-in-breed solutions. 

READ MORE:

Easing the return to work 

Many businesses will now be looking back at how they have fared over the past 18 months after responding so quickly to new ways of working. For many, a hybrid approach to work will continue to dominate their working culture, accelerating the demand for the latest endpoint security technology. It’s essential to take a zero-trust approach to mitigate the risks of employees returning to the office and put in place the proper training and security provisions to ensure that the corporate network does not become vulnerable to cyberattacks.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...