Back to Work After Lockdown: Cyber Risks of the Post-Pandemic Era
Cybersecurity Concerns in the Post-Pandemic Era
In the wake of China lifting some of its lockdown restrictions in the Wuhan province, most of the world is looking forward to getting back to ‘normal’. According to the World Health Organization, this transition from government-enforced lockdown to a quasi-repose state, should not be taken lightly nor perceived as a callback to ‘normalcy’.
As many epidemiologists pointed out, we have yet to reach the ‘infection’ peak, meaning that a second viral wave may be lurking around the corner. In the interim, with several European countries dropping part of the lockdown-specific rules, company-owners are making the necessary preparations to accommodate all the employees who were sent to work from home.
Many challenges lie ahead, most being related to (re)constructing a (the) work environment and how to achieve total compliance with the governmental recommendations/regulations – which, literally translates to how to keep your employees safe in the ‘Post-Pandemic Era’. The apostrophes are not poetic license – the coronavirus pandemic is far from over and it’s important to keep that in mind when you begin drafting the plans on how to bring everyone back to the office.
There is another consideration – your company’s cybersecurity factor. Up till now, your sysadmins were focused on making telecommuting work – configuring the network, installing additional equipment, researching remote work-specific software.
However, not that the employees will be returning to the office, the focus must shift back to on-site network admin, which, among other things, means getting up-to-speed with your cybersecurity policies (or lack of).
In this article, I am going to go over Heimdal™ Security’s return-to-the-office, cybersecurity recommendations. And because this is a race against time, I’m going to show you how to cut some corners (not in a bad way).
The post-pandemic era office
It’s only natural to have some reservations about going back to the office. After all, we did spend the last couple of months being told to stay at home, wash our hands, and practice social distancing. The idea of heading back to the office, while the coronavirus is still active, may seem foreboding. Perhaps even confusing – how can we even think about venturing into the world when the authorities are still struggling to contain COVID hotbeds that appear overnight?
Some WHO-associated sources mentioned something about the ‘death of normalcy’. In other words, we can never go back to what we believed was ‘normal’ because the very idea of ‘commonplaceness’ is what led us to this conundrum.
We need to change and that’s a fact. ‘But how?’ is the question du jour. Do we simply go back to our regular, and very mundane, 9-to-5 lives, knowing that the virus is still around? There’s no doubt that all of them are legitimate questions, which I will be addressing throughout this article.
Is it safe to go back to work? Health authorities from around the globe have already begun loosening the lockdown restrictions, allowing some industries to resume production. For instance, the Spanish health authorities, partly encouraged by the decrease in new coronavirus cases/casualties, have cleared the ‘restart’ for the construction and manufacturing industries.
On Monday, by ministerial decree, workers employed in these two sectors will return to work. I would like to remind the readers that Spain has been under lockdown since the middle of March.
Moreover, Spain is ranked fourth in deaths caused by the new coronavirus, after the United States, UK, and Italy. It’s encouraging news indeed, considering how hard this country was hit. Spain is not the only country to loosen its lockdown restrictions to stabilize the economy.
On the 25th of April, three US states (Georgia, Alaska, and Oklahoma), have taken the first steps in loosening some of the lockdown orders, despite the US’s death toll is around 70,000 and climbing. Even life in China, which is considered the first coronavirus hotbed, is slowly returning to normal, with more business relaunching every single day.
Returning to the office is possible and feasible. However, it will look entirely different compared to what your employees had in mind.
First of all, as an employer, you are bound by law to take every necessary to ensure the safety of your workforce and help the health authorities stem the spread of this contagion. So, right from the start, two aspects need to be tackled: legal and health-related. Of course, an equally important aspect is cybersecurity. Let’s take a closer look at each of them.
Legal Implications of Returning to Work
According to the White House officials, employers can recall the staff on premises if they meet all the requirements laid down and enforced by federal, state, and local officials. The document in question is broken down into several sections, each of them addressing a certain social category (healthcare providers, employers, employees, specific employees, and businesses). Below, you will find an excerpt from the White House’s tri-phase plan.
Guidelines for all phases
Develop and implement appropriate policies, per Federal, State, and local regulations and guidance, and informed by industry best practices, regarding:
- Social distancing and protective equipment
- Temperature checks
- Use and disinfection of common and high-traffic areas
- Business travel
Monitor the workforce for indicative symptoms. Do not allow symptomatic people to physically return to work until cleared by a medical provider.
Develop and implement policies and procedures for workforce contact tracing following employee COVID + test.”
The European Union has also laid down strict guidelines regarding how employers should (re)act when recalling employees. According to the OSHwiki, EU’s plan of reopening businesses focuses:
- Minimizing exposure to COVID-19 after recalling employees,
- Updating your company’s risk assessment plan[i];
- Adapting the environment’s layout as to comply with the health authorities’ recommendations regarding social distancing and other health-related concerns;
- Identifying employees that are in the high-risk groups and creating a hazard-free work environment[ii];
- Maintaining communication with your occupational health service;
- Miscellaneous measures that can help your workforce cope with the changes produced by the coronavirus outbreak (i.e. a counselor to help your employees overcome anxiety, or depression, as side-effects of long-term isolation).
The same document also provides some insight on telework – bringing everybody back to the office at once would violate the social distancing rule. The obvious solution would be to allow some of your employees to continue working from home. In the long run, you can work out a rotation-based schedule to get everyone back.
Simple Antivirus protection is no longer enough.
Thor Premium Enterprise
to organizational defense.
- Next-gen Antivirus which stops known threats;
- DNS traffic filter which stops unknown threats;
- Automatic patches for your software and apps with no interruptions;
- Protection against data leakage, APTs, ransomware and exploits;
Cybersecurity concerns in the Post-Pandemic Era
In terms of cybercrime, the coronavirus did nothing to stop or at least dilute the number of cyberattacks. Although in some countries the healthcare system is on the brink of collapse, that did not stop malicious actors from taking advantage of the confusion to stage debilitating ransomware attacks. The oil industry has also been targeted, as well as SMBs that fast-tracked the remote work initiative while sacrificing their cybersecurity posture.
Because I do a lot of research in the cyber-resilience area, I usually come across various forums where sysadmins ask all kind of security-related questions. In one thread, there was this sysadmin who said that his CEO ordered him to give every employee admin-type privilege before sending them to work from home. Needless to say, this type of praxis can lead to all manner of entanglements, not to mention the fact that you would be offering hackers several access points for data exfiltration.
This should be in a way construed as typical corona-related behavior. It goes further than that. Oftentimes, decision-makers, who lack cybersecurity training, will often make the mistake of overruling the sysadmin’s decisions in the area of security. A grave mistake, indeed, one that can cost companies millions of dollars.
Consider an alternative scenario – a lack of funding. An expanding startup just doesn’t have the financial needs to secure all the vital areas, leaving sysadmins to work with the tools they have on hands. Take patching, for instance. Nobody gives patching any attention until the company reaches the 20+ endpoint milestone. Then it becomes problematic, especially when there is only one sysadmin. What happens after that?
System administrators will use automatic patching and deployment solutions like WSUS and SCCM to ensure that are endpoints are running the latest Windows versions or that the proprietary software has been patched.
Even when you’re overseeing a 20+ endpoint network, using either one of those can create more issues than they can solve. This is not me putting the kibosh on Microsoft’s auto-patching, management, and deployment software, but, considering the speed that was required to set up a stable remote work network, SCCM and WSUS is simply not feasible.
Readers should remember that more than 80% of a machine’s vulnerabilities can be fixed through patching. Right now, the emphasis is on automatic tools that can deploy patches and updates on the fly.
Heimdal™ Security’s Thor Premium Enterprise, our company’s unique threat-hunting, and vulnerability remediation solution can help your sysadmin deploy updates and patches from anywhere in the world. Thor Premium Enterprise is a cloud-native solution, which means that you won’t have to worry about saving those patches/updates locally before they are applied.
Furthermore, on-demand, you can also add Infinity Management to your Thor Premium Enterprise suite. IM provides you with granular control over your endpoints and, most importantly, over what kind of software was installed on those machines. From there, you can force-install applications, roll back to a previous version, deploy and install proprietary software\update\patches, and much more.
Back to work in the Post-Pandemic era? It is possible, but we have and need to follow some rules. As a company-owner, you have to guarantee the safety of your employees, no matter if it’s related to health or cybersecurity.
One sensible step towards reopening your business would be to work with the local authorities to make sure you meet all the requirements. Furthermore, you should also offer some degree of flexibility. Perhaps not all of them are thrilled at the thought of going back to the office considering that the coronavirus pandemic is far from over. Be mindful of your employees’ wishes and work with them to come up with the best solution.
[i] A company-wide analysis that must include a risk evaluation paper, risk control, safety measures, mitigation, risk management tools, and training.
[ii] If your office cannot guarantee the safety of your high-risk employees during regular office hours, it’s advisable to allow them to continue working from a home-type environment.