Cyber risks for lawyers in telework
The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security offers guidance on telework during the COVID-19 pandemic.
CISA released an alert encouraging organizations to adopt a heightened state of cyber security for the alternate workplace options their employees need because of the COVID-19 pandemic. It is important to consider that remote work options require an enterprise VPN (Virtual Private Network) solution to connect employees to an organization's IT (Information Technology) network.
CISA lists the following technical considerations regarding telework and cyber security:
- As organizations use VPNs for remote work, more vulnerabilities are likely to be detected and targeted by malicious cyber actors.
- Because VPNs operate 24/7, organizations are less likely to keep them updated with the latest security updates and patches.
- Attempts to steal the usernames and passwords of teleworkers via phishing emails may increase.
- Organizations that do not use MFA (multi-factor authentication) for remote access are more susceptible to such phishing attacks.
- The number of VPN connections available to an organization may be limited, meaning that once the limit is reached no further employees can telework. With decreased availability, crucial business operations may suffer, including the ability of IT security personnel to perform critical cyber security tasks.
In terms of risk mitigation, CISA strongly recommends that organizations review the offered guidance when considering alternate workplace options. The following aspects are important to bear in mind regarding telework and cyber security:
- Frequently update VPNs, network infrastructure devices, and devices used to remote into work environments with the latest software patches and security configurations.
- Inform and alert employees about the increase in phishing attempts.
- Prepare IT security personnel to ramp up important remote access cyber security tasks like log review, attack detection, and incident response and recovery.
- Implement MFA on all VPN connections to increase security. If MFA cannot be implemented, teleworkers are required to use strong passwords.
- Make sure that IT security personnel test VPN limitations in order to prepare for mass usage. If possible, implement modifications, such as rate limiting, to prioritize users that require higher bandwidths.
- Contact CISA to report any incidents such as phishing, malware, and other cyber security concerns.