Telecommuting has been on the rise for years. According to some studies, about 40% of the U.S. workforce already worked from home in some way prior to the COVID-19 outbreak. But safety concerns around the pandemic transformed traditional offices into fully remote workplaces virtually overnight. This has heightened concerns about data security and the possibility of a breach that can lead to liability exposure, substantial fines and reputational harm.
Concerns are especially acute in the financial sector, where workers routinely handle highly sensitive data like personal information, bank account data and Social Security numbers. VPNs extend private networks so remote workers can connect, but VPN access is untraceable. That means the company can’t trace who has connected with the private network, when connections were established, which IT assets were reached, or what users did while connected.
Remote workers are more susceptible to phishing, social engineering and spoofing scams that are designed to deceive them into providing access to servers or authorizing transactions. Remote users can inadvertently introduce malware, ransomware or crypto-viruses into sensitive systems, allowing hackers to commandeer user credentials and privileges and infiltrate and expand access across the corporate infrastructure. The lack of oversight over remote work also increases the risk of disgruntled employees downloading sensitive files, making a strong security posture essential.
Typically, endpoint security and privilege elevation and delegation management (PEDM) practices are among the weakest links in the cybersecurity chain. When attempting to secure confidential data that is accessed from outside the workplace, financial organizations need the ability to monitor and record privileged sessions. They also require a way to control access and secure endpoints. Here are three areas financial services companies should focus on to secure their data when employees are working from home:
- Controlling access: Companies need to know who is accessing the network, what privileges the user has been granted, and what the user is doing with their access. Controlling privileges means limiting access, meaning the user only sees what they need to see and can’t see other resources they don’t have rights to access (even if they can guess the resources are there), which prevents lateral moves across the network. Businesses with a privilege access management (PAM) solution are able to control access, but it’s vitally important to ensure the company also monitors the activities of privileged users coming from both inside and outside the corporate network.
To protect critical systems, financial services companies need to protect assets with combined user access workflows, credential rotation, and limits on local admin rights. Companies must have the ability to oversee sessions and manage local system applications and processes in order to truly protect sensitive systems. Crucially, they also need the ability to trace and monitor activities with session recording, metadata and logs of all privileged actions, and have the power to automatically terminate suspicious session activity and unauthorized actions, which are protections not offered by a VPN.
- Granting privileges: To safeguard against privilege abuses, financial businesses should follow the Least Privilege principle, i.e., only grant users access to the bare minimum of resources for the least amount of time possible. Following this principle maximizes security while minimizing risk. A well-designed PEDM system provides granular control, allowing users to request elevated privileges when necessary and enabling the business to elevate the access of those who need higher privileges for specific purposes when and as needed.
When companies rigorously enforce the principle of least privilege by operating within a Zero Standing Privileges policy, financial institutions can safeguard data and sensitive systems by enforcing strong security controls around identity and authentication, access authorization and privilege governance. This strategy allows users to work efficiently both remotely and onsite.
- Protecting endpoints: When employees are working from home, their devices are outside the security perimeter established by the company. That makes endpoint privilege management (EPM) critical to protecting sensitive information. The right EPM solution can enable financial services companies to control administrative functions and access capabilities on endpoints wherever they are located.
A robust EPM solution allows the company to fine-tune application rights so that apps can perform only authorized actions initiated by authorized users. EPM can also stop known and unknown attacks by preventing unauthorized actions that would modify the system, unlike traditional anti-virus solutions which can only resist known threats. This unique approach addresses risks at the application and process level rather than at the user level, eliminating local admin rights without impacting user productivity. EPM also neutralizes ransomware, detecting encryption operations before they are carried out.
Because of the pandemic, times are uncertain for businesses of all types, and many weren’t prepared to stand up and support all-remote workforces on such short notice. Hackers understand the implications of the business disruption too, and the techniques they use to gain access to sensitive data have grown more sophisticated over time. That’s why it’s so important for companies — especially those that handle sensitive data — to put safeguards in place quickly to mitigate the risk.
Providing a robust security perimeter that extends beyond the corporate network is a must for any type of business, but it is especially critical for financial services companies. It’s unknown at this point how long the work-from-home protocol will remain in place or if it will be necessary to prevent future outbreaks, but remote workforces are a facet of the digital transformation that cannot be avoided. Because of the uncertainty, now is the best time to improve the company security posture. A better approach to security is an investment that pays off now and in the future.
