One of the questions our sales team is getting from current and prospective clients relates to whether or not testing should happen during work from home (WFH) and quarantine timeframes. The answer is yes, or no, maybe…
If your income has ceased and does not look like it will resume in the near term, expending money to protect a business that may not exist is perhaps not the best course of action. If revenue has remained fairly steady, then this is an excellent time to have testing performed. Most places of business are operating under unfamiliar parameters, and seeing how your security posture has adapted in this unique circumstance may be very beneficial. Some of the prospective benefits are:
- Seeing how employees respond to threats and attacks while outside of your network perimeter
- Observing potential vulnerabilities in your remote access solutions
- Observing if your employee population can operate securely as a WFH workforce
Our team has performed a couple of tests since people have shifted to working from home and the results have been very similar to testing under normal conditions. The lack of personnel in the office space has not yet prevented common vulnerabilities from being exploited and discovered.
The largest difference we are discovering is the need to help clients understand remote working technologies, along with their strengths and weaknesses. Working remotely was a foreign concept for many businesses up until a few weeks ago but has suddenly become a necessity. The sensationalist headlines about the Zoom platform’s vulnerabilities have also not been helpful. All platforms have strengths and weaknesses, and the standard best practices of authentication, authorization, and accounting (AAA) apply regardless of where your workforce is deployed. If you are unfamiliar with AAA, you can read all about it in several places online. In a very brief nutshell, they are:
- Authentication – How you prove someone is who they say they are (username, password, biometric, token code, push notification).
- Authorization – What can the person access and do once they have authenticated?
- Accounting – Can you track when someone authenticated (success and failure) and what they do when accessing data and devices?
There are many more detailed, and better, explanations than I have provided and several different ways to implement AAA. However you choose to apply it, please make sure it is a consideration when working locally or remotely in any environment where data security is needed.
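As an added illustration (not code from the original post), the sketch below applies the three AAA questions to remote-access records: it uses the accounting trail to flag a successful login after repeated failures, access to a resource outside the user's role, and access with no active authenticated session. The event format, user names, roles, resources and failure threshold are all assumptions constructed for the example.

```python
from collections import defaultdict

# Constructed accounting records from a hypothetical remote-access gateway:
# (timestamp, user, event, detail)
EVENTS = [
    ("2020-04-06T08:01:10", "alice", "auth_fail", "password"),
    ("2020-04-06T08:01:18", "alice", "auth_fail", "password"),
    ("2020-04-06T08:01:25", "alice", "auth_fail", "password"),
    ("2020-04-06T08:01:40", "alice", "auth_ok", "password+push"),
    ("2020-04-06T08:02:05", "alice", "access", "ledger"),
    ("2020-04-06T08:03:30", "alice", "access", "tickets"),
    ("2020-04-06T09:15:00", "bob", "auth_ok", "password+token"),
    ("2020-04-06T09:16:12", "bob", "access", "tickets"),
    ("2020-04-06T17:00:00", "bob", "logout", ""),
    ("2020-04-06T17:04:45", "bob", "access", "tickets"),
]

# Hypothetical authorization policy: user -> role -> permitted resources.
ROLE_OF = {"alice": "finance", "bob": "helpdesk"}
ALLOWED = {"finance": {"ledger"}, "helpdesk": {"tickets"}}


def review(events, fail_threshold=3):
    """Walk the accounting trail in order and return (timestamp, user, finding)."""
    findings = []
    fails = defaultdict(int)   # consecutive authentication failures per user
    authenticated = set()      # users with an active session
    for ts, user, event, detail in events:
        if event == "auth_fail":
            fails[user] += 1
        elif event == "auth_ok":
            # Authentication: a success right after many failures deserves review.
            if fails[user] >= fail_threshold:
                findings.append((ts, user, "success_after_repeated_failures"))
            fails[user] = 0
            authenticated.add(user)
        elif event == "logout":
            authenticated.discard(user)
        elif event == "access":
            if user not in authenticated:
                findings.append((ts, user, "access_without_authentication"))
            # Authorization: the resource must be permitted for the user's role.
            elif detail not in ALLOWED.get(ROLE_OF.get(user), set()):
                findings.append((ts, user, "unauthorized_resource:" + detail))
    return findings


if __name__ == "__main__":
    for finding in review(EVENTS):
        print(*finding)
```

None of these findings can be produced unless both successful and failed authentications, and each access, are logged with a user and timestamp, which is the accounting part of AAA.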