(or, as we say, PCPPE!)
By Andy Travers, EVP Sales & Marketing, Exclusive Networks
As Exclusive begins the slow return to work and provide our people with PPE (personal protective equipment), strict instructions on social distancing, and hygiene measures to prevent contagion, what I’m asking in this blog is: are we taking the same approach to safeguarding the returning devices that may now be contaminated?
Let’s face it – without testing or obvious symptoms, a whole bunch of computer viruses, malware and other malicious content could have innocently infected laptops and devices from the home Wi-Fi or those personal applications we’ve all been using to pass the time during lockdown.
We’re all eagerly awaiting the day when we can return to ‘the New Normal’, or the NEXT NORMAL as we like to think; getting back to the office, the familiar old commute and stop-off at the coffee shop, the brief exchanges with fellow commuters you only know through routine but are otherwise complete strangers, the same old chat to the security guy or receptionist about the weather, the weekend sport or family trip… We’re all excited about this big return, and with some countries beginning to relax restrictions and implement a gradual easing, the anticipation levels are understandably very high. At Exclusive we’ve already purchased thousands of face masks, thousands of litres of hand sanitiser and published rules and guidance of what a safe return looks like.
Being Blind Spot Aware
But whilst speaking to our CIO, Will Smith, he highlighted an interesting predicament: we rightly concentrate on people protection but many companies, large and small, may overlook the safety and wellbeing of their IT networks and enterprise systems, and the threat posed by returning employees and their personal devices and company-provided work tools and devices.
“With the shift in working arrangements, many people have been working from home, some for the first time. The security posture of a home network varies greatly, not everyone is tech savvy and trust is often placed in default configurations of home devices such as routers. To compound matters further, home networks are often ‘dirty’ due to the pervasive nature of malicious software on devices that are not adequately protected. This creates a major security concern as people begin to return to work; a potential blind spot that might be overlooked.”
Bad Actors Have Been Busy
Personal devices, home laptops and PCs used for VDI, isolated in the home network, may (on their own) not provide such a huge threat but, once attached to the company network, it could be a different story. Recent data and threat reports have highlighted the huge explosion in this threat vector by the fast move to home working and how the bad actors have exploited this to maximum effect. And these guys are not interested in accessing your family photos or even stealing your personal credentials. They’ve likely planted all sorts of dormant and sinister bots and trojans, biding their time waiting for the right moment to execute the intended mission – months or even over a year later.
So, what have we got to do? Well, I’m no expert – but one thing’s for sure, if I’m pondering the thought then there must be better people than me out there that are streets ahead of my thinking. But here are just a couple of thoughts for you to share with your colleagues, customers and suppliers to ensure they are thinking about the PPE for their PCs.
What to Look Out For
The list below is not exhaustive, but an idea of the tasks and actions we must consider in preparing for the health and wellbeing of our device data, digital assets, applications, services and software. Again, our ideas and solutions may not be something you currently use or provide – but hey, what the hell – we’re all in this together so we’re sharing the love!
Rogue Devices
Scan your networks for unknown devices – you never know – habits are hard to break and users may accidently bring in devices they’ve become comfortable with and assume it’s OK. Maybe issue a note to everyone to prepare them and ban such devices being attached to the network!
Fingers and Thumbs (USB, NAS, etc.)
Users may have used external thumb drives and devices for storage, etc. Best re-enforce that these are forbidden and deploy device control to block.
Not Updated OS and Software
OK – we’re not all saints and may have ducked the updates and patches during this period. Auto-update settings may even have been turned off forever! So let’s check for this – out-of-date OS and software could have vulnerabilities ready to be exploited. Similarly, devices left on premises may have been shut down and will be out of scope.
As soon as you are able – make sure everything is patched. Also – EDR and VPN endpoint apps may have been disabled to allow users to access apps and services normally forbidden in the workplace (and who can blame them??). Now’s the time to check that all endpoint protection is on and up to date.
Non-Approved Software and Apps
Many users may have installed new apps – Zoom being one of the obvious ones – that may not be approved. We need to check what risks these apps and other software present to the company by some sort of application risk service.
Password Reset
Now is a good time to refresh and reset passwords, particularly as these may have been shared with loved ones. Existing passwords may also have been used on new sites and services that are unreliable. Enforcement of this is necessary and worthwhile.
Take Stock
In the rush to react to the impending lockdown – we may have quickly allowed users to disconnect devices and peripherals to take away. So remind them that they were to ‘take away’ not to ‘stay away’. Employ asset tracking and conduct an inventory stock take!
Similarly – you may have purchased additional licences like MS Teams, and quickly deployed them to allow users to be productive at home. Do they still need access to this anymore? And if you’ve used a monthly subscription platform, why not cancel these subs and save some money?
What of the Future – the Next Normal?
In the rush to provide the solutions to users, many will have gone for quick fixes and contingencies. A case of optimising what was dynamically provisioned and holding it all together. So what does the ‘Next Normal’ look like? Well, probably not too far away from what you’ve provided lately – or it could be long way away. In any case, everything points to a hybrid work-life balance future so consider what that looks like from a provisioning and protection perspective, and perhaps a rethink is needed.
We’ve also tested our DR plans and patience to the limit – were you properly prepared for the Doomsday effect? Boring Adrian (the risk guy) isn’t so boring anymore – perhaps he told us all so. But one thing’s for sure, we’ll listen to the risk guys in future and need to review our DR and pivot accordingly…
We Are Here To Help All Of Partners To Continue ‘Business As Unusual’.