The New Frontier of WFH: Endpoint Security

Now that we are over a year into WFH, it is good to step back and analyze what has changed. Perhaps the biggest shift the world has seen over the last few decades is not only for the tech sector, but lifestyles overall. Work commute times are down to zero, parents can spend more time with their kids and pets, internet connection at home is now essential, and much more.

“Seemingly overnight, employees who’d formerly worked in offices began working from home, many relying on their own computing devices and makeshift network access methods, with IT departments scrambling to protect their devices and data,” says Bob Violino of ComputerWorld. The fortified walls of security in the workplace are nonexistent when employees are working from their personal computers at home, connecting to their own WiFi networks. Companies have been working on providing endpoint detection and protection to their users within their homes but would have to go through the process of licensing, registration, then deployment of said measures. This can be daunting not only for first-time WFH individuals but also for IT members that are adapting to these new unchartered ways of working away from the office.

With personal devices now used for work, few are equipped with the capabilities that office computers have for software protection, routine installs, and more. For personal internet at home, there could be many vulnerabilities unknown to the user that can put the company files if not database at risk, as explained by Jeff Harrell of Security Magazine. Harrell further explains, “…IT administrators are left to wonder about things like whether an employee’s endpoints are configured correctly or if all endpoints received the latest patches…Under normal circumstances, endpoint management software delivers patches and updates on a well-orchestrated schedule so that they don’t impact network performance or business operations, but these vital updates can take significantly longer over a VPN and the employee’s home internet. Because of the significant strain of content distribution over a VPN, many machines are not regularly maintained, updates and patches are not pushed, and this leaves networks vulnerable to outside threats.”

Those in the tech industry specifically are often well-accustomed to security flaws and issues that may arise in WFH scenarios, but not the same can be said for the majority of WFH users around the world. As a result, this gives hackers and exploiters a massive opportunity to cause all sorts of issues from phishing emails to viruses downloaded from unsafe files to ransomware, which would put an entire company at risk. People often have enough to worry about for work specifically and could care less about anything outside of what is necessary. With security not at the forefront of a “WFH checklist” for the majority of users, therefore such statistics have appeared; “…78% of remote workers who worked on their personal devices during the lockdown period between March and July 2020 said they received phishing emails, either in their work or personal inboxes. More worryingly, 68 percent said they clicked a link or downloaded an attachment from the phishing emails they received on their personal device”, according to Tessian Research and reports.

With so much at risk and so little in the know of how to protect themselves from insufficient endpoint security, Puffin offers a solution through Puffin Secure Browser. This is a browser that protects endpoints from current and future web threats, regardless of the software protection their device has or the network security of their WiFi. Learn more at https://www.puffin.com/secure-browser/.

Sources:

https://www.computerworld.com/article/3609596/wfh-security-lessons-from-the-pandemic.html

https://www.securitymagazine.com/articles/93196-endpoint-management-and-security-in-a-work-from-home-world

https://thefintechtimes.com/global-report-finds-80-of-it-leaders-believe-theres-a-greater-risk-of-cyber-attacks-when-working-from-home/

CloudMosa’s mission is to empower the world’s phones through cloud computing and make them universally powerful and useful.