Twosense Blog

Coronavirus has organizations shifting to remote work, making them vulnerable to data breaches. Here’s why.

Written by Twosense | Mar 11, 2020 4:00:00 AM

As the Coronavirus continues to spread at a rapid pace, the W.H.O officially declares it a global pandemic. “The U.S., with more than 1,000 cases and business disruptions, weighs possible responses.” reported by the New York Times. These responses, most notably, business disruptions are affecting many organizations, as many are beginning to quickly adopt remote and work-from-home policies in response to Coronavirus, also known as COVID-19, in order to protect their organizations. Companies including Amazon, Apple, Facebook, Google, IBM, Salesforce and more have been encouraging those workers who can do so to work from home. Suddenly, organizations that have traditionally set up most of their resources and systems to operate on-premise, have now found themselves having to accommodate a large number of employees working off-premise. 

REMOTE WORK SHIFTS THE SECURITY LANDSCAPE

What this sudden shift in work policy has done is possibly give us a glimpse into the future of work, with most of it being remote especially with no immediate end in sight. But more importantly, how are organizations going to handle this huge shift? In terms of information security, most organizations have relied on a castle and moat setup, heavily protecting against  outside/off-premise threats, trusting employees that are on-premise since they’ve already been vetted by physical security checks, therefore only needing to be authenticated/verified maybe once a day. Now with the sudden shift to off-premise, many organizations may have to rapidly shift to a zero-trust architecture, which requires that any employee that is off-premise authenticate themselves any time they access a system. This means that the number of multi-factor authentication (MFA) challenges for off-premise employees is going to skyrocket! However as we’ve seen before, many infosec/cybersec teams are at the mercy of their users and organization and may relax authentication policies, or even roll them back in some cases, in order to make the users happy. And this is exactly how remote workers will become prime targets for hackers during this coronavirus outbreak. Weakening the identity security posture in this way inevitably opens up new attack surfaces to outsider threat, creating new opportunities for session and token hijacking, spear phishing, etc. How can infosec/cybersec professionals keep the same level of security on-premise while a majority of employees are working off-premise? 

ON-PREM SOLUTIONS CAUSE REMOTE PROBLEMS

Distributed hardware authentication tokens/keys such as YubiKey or Google Titan can alleviate the friction, but a remote workforce and individual isolation create new problems when employees inevitably lose these keys, requiring them to default to MFA/2FA, or even single-factor authentication. To offset this, many orgs are thinking of using VPNs to bring remote workers back on to the corporate network.  This is a step backward from zero-trust to the good old days of 1990’s-era castle-and-moat architecture, replacing identity security with trusting the network, but this time without the physical security of the workplace to back it up. This is just moving risk into another attack surface, and compromise is inevitable which is what the move to Zero Trust was about in the first place.  Furthermore, the VPN itself becomes a vulnerability and a single point of failure that is not itself as secure as we’d like and still susceptible to attack.

THE USER EXPERIENCE PAYS THE PRICE

As we move from a centralized workplace to a distributed remote workforce, the reality is that we are losing the physical security of having ID checks at the front door.  For many organizations, that security remains a staple of the digital security posture that went a long way towards reducing risk and alleviating friction of MFA challenges on the workforce.  That loss adds risk that can only be shunted into different attack surfaces by technology, but can only really be reduced by increasing identity (MFA) challenges on the workforce, essentially through increased human effort and friction, at a time when that workforce is already distressed. 

TWOSENSE.AI CAN HELP

At TWOSENSE.AI our mission is to make your MFA experience frictionless by using continuous behavioral biometrics. Using your existing hardware and software login workflows, TWOSENSE.AI automates the response to MFA challenges for your users invisibly in the background. Our Continuous Identity Validation can identify bad actors and kick them out or alert admins even while they are inside the system, even mid-session. We can automate up to 95% of incoming MFA challenge responses, saving each user an average of 1.5 hours per month. Automating MFA challenge responses has helped us and our customers shift effortlessly to a Zero Trust remote work environment, for better security with a better user experience. 

Find out more about how TWOSENSE.AI can help you improve security while reducing user friction for your remote employees.