Security Risks When Working From Home

Working from home? Have you been transferring files between work and personal computers? Be aware of the security risks that are out there. Experts talk about how to protect your company’s private data. Where should you start to make sure your remote workforce is secure? Listen to these experts!

Using Your Personal Computer to Work From Home

What are implications when working from home?

Let’s face it, these are weird times! Never before have we had the bulk of the country’s work force sheltering-in-place and working from home. We’re going on four months battling the spread of COVID-19. Workers have resigned, been terminated and furloughed and many have sensitive trade secrets loaded on their personal computers. Experts Lee Neubecker and the Data Dive Debbie Reynolds discuss currents situations and different audits they have performed for companies to retrieve intellectual property and company data. Check out this blog with transcripts.

Video Transcripts Follows

Lee Neubecker(LN): Hi, this is Lee Neubecker from Enigma Forensics. And I have Debbie Reynolds, the data diva back on the show from Reynolds consulting. Thanks for being on. Thank you so much for having me Lee. So what are your thoughts about the shift and changes that have happened over the last couple of months with everyone being stuck at home with their computers?

Debbie Reynolds(DR): I think it’s a interesting issue now, because as you know, even before the pandemic, there were people working at home. But now since there’s so many more people at home, it’s bringing up other security risks, especially with devices. And I’m sure you know, you probably explain more of your experience about working especially a forensic with people who are remote. And some of the challenges with those machines, especially, you know, the same people. They’re either working from home, people are getting furloughed or people are losing jobs where they’re, they’re not in the office. But they still have equipment. So I’m curious to see what you think about all that in terms of the device, the equipment, and some of the risks that come with that.

(LN) We’ve had a number of projects happen during this period where workers either have resigned, they’ve been terminated, or they’ve been furloughed, and there’s a need to get the company data back. And sometimes that data is on their personal computers. Other times the data is on a company issued laptop, but there are companies are just starting to get back to work. And there’s a whole host of issues. If you have sensitive trade secrets, and confidential electronic data on an employee’s personal or work computer, and you don’t have physical custody of that, there’s a real risk of that data getting disseminated to a new employer, maybe leaked online to the web, or maybe even you know, someone’s kid at home installs a game that opens up malware that puts those trade secrets at risk.

(DR) You know, we know a lot of people working from home, and a lot of people are using, I think the statistics said, the majority of people, maybe a slight majority, are using their own computers to, you know, tunnel in via VPN or whatever. But we all know that people still, under a lot of circumstances, let’s say they’re printing, or they have a file they want to, you know, leave locally or something. What is your advice from a forensic perspective? ‘Cause we can, we always see a lot of data co mingle together, unfortunately, where the personal and people’s business stuff maybe, you know, together in some way, so what is kind of your advice for people working at home for stuff like that?

(LN) If an employee’s is being asked to work from home, they should ask for a work issued computer.

(DR) Right

(LN) Also you should be using a virtual desktop of sorts.

(DR) Right. Yeah, exactly. But you’ve seen I’m sure you’ve seen a lot of situations where you’re asked to do forensic work. And there is a lot of personal stuff, even on a company.

(LN) Yeah, we’ve had situations where people have, despite having work issued computers, they’ve still connected their personal computer up to corporate resources, office 365. I’ve seen situations where there’s drives that are syncing to personal, former employees, personal computers, and even though the accounts are severed, so it can’t continue to sync, then all that data might still reside. So we’re doing audits right now for clients to look for, you know, what devices are synchronizing with corporate data stores, and some of those devices. You know, there really needs to be accounting and audit to match up those devices to ensure that only accounts of active employees are syncing and that those devices are company issued devices, not personal devices because it poses a real risk. It’s a problem that could be preempted by issuing, you know, work equipment, not co mingling work and home stuff.

(DR) Are you seeing problems where people are, let’s say they have a phone. And they have like, for example, let’s say they have an Apple phone and they have a iCloud account. And the phone belongs to the company, but their iCloud account is their own personal account where you have problems getting those passwords.

(LN) Yeah, for the most part, we’ve had compliance and I’ve worked to try to help solve the problem, you know, the employee might have stuff they need. And usually what we’re doing in most cases where we have co mingle data, where we’re giving the employee or former employee the opportunity to put all their personal stuff onto a drive that will then do a search against and then we’ll wipe, wipe, completely wipe, the original device. They’ll sign a certification of sorts, and then they’ll only copy the stuff that they, that they copied off that we verified, didn’t contain trade secrets, and they’ll pull that back down to the computer. But that relies on some level of trust that if the employee or former employee signs, a declaration or affidavit saying that they returned everything that they’re being honest.

(DR) Do you have people that are concerned, especially in the legal field about people doing remote document review, and having sensitive documents viewed on their computers at home?

(LN) Well, I think that’s a legitimate question. And you know, if, if companies are outsourcing document review, they should be asking the provider, provider questions about, you know, how, what steps are you taking to make sure that those endpoint reviewers aren’t using computers that are compromised? In many cases, companies are using independent contractors as their reviewers and they’re not issuing corporate equipment. So that that’s a real risk that the whole ediscovery industry really needs to grapple with, because someone’s going to get burned at some point in time, especially during this, this pandemic with, you know, resources taxed and people working from home.

(DR) I have one more burning question for you, actually. And this is about BYOD. What do you think? Because the pandemic, do you think more companies will start to do more or less, bring your own device things as a result? I think we’re going to see a lot of problems come out of BYOD devices where companies see the problem of losing control of their data. And, at least with the larger companies, I think you’re going to see probably more strict, more strict enforcement of using corporate resources. I mean, there were many companies right before Illinois shut down went into effect they were ordering laptops going running out to, you know, retail stores to quickly grab whatever they could, so they can issue laptops to their employees. And, and so I think you’re going to see, I think you’re going to see a movement away from BYOD in the future.

(LN) I agree with that. I think it’s been a long time coming. I don’t know if you remember when they were first doing this, you know, at first companies were giving people devices, then they decided well we’ll save money will be out BYOD Now it seems like a pain in the neck to deal with it. And it’s all these risk issues. So I really feel that they’re going to start to go back the other way.

(DR) Now, well there’s a cost associated with BYOD. And now people are furloughed and all your sensitive data is on former employees, personal computers. So then you’ve got to hire a forensic expert like me to try to work through to get the data back and to solve that problem, which, you know, it might have been much easier to issue a 500 dollar laptop to employee, then to have them synchronize that ’cause they’re going to pay more than $500 dollars to try to solve the problem of getting their data back. So after we get through this next bump in the business cycle where companies are paying out to have to retrieve their data, I think you’ll see that most CFOs will see it’s smart sense to issue corporate laptops and to block access to BYOD devices. But thanks for the question. It was a good one.

(LN) Thank you. Fascinating. Thank you for sharing.

(DR) Thanks

Related Articles

Check out our COVID-19 Statistics – Track your county!

Business Continuity and COVID-19

Cyber technology and preparedness experts Lee Neubecker and Geary Sikich talked about a business continuity plan way ahead of the COVID-19 virus hitting the US! What does the next couple of weeks look like? Tune in to find out.

Business continuity! It’s official, COVID-19 is upon us and the country is basically on lock down. Government restrictions are everywhere. Just about 15 days ago, Lee Neubecker and Logical Management Systems, President, Geary Sikich talked about what was going to happen when COVID-19 landed on our shores. It’s like they wrote the sequence of events!

Lee and Geary are trained experts in the field of cyber technology and preparedness. They foretold businesses will have employees work from home if they have a job that allows them to telecommute. They discussed different unique challenges businesses will experience when executives and employees take work computers home and remote in. Check out this video interview to learn a few interesting tips on business continuity.

Part 2 of the Coronavirus or COVID-19 & Business Continuity

COVID-19 and Business Continuity

Lee Neubecker (LN): Hi it’s Lee Neubecker, President of Enigma Forensics, and I’m back on the show here with Geary Sikich, President of Logical Management Systems. We’re continuing our discussion on business continuity planning as it relates to the Coronavirus, thanks again for coming back Geary.

Geary Sikich (GS): Thanks Lee for having me.

LN: So, can you tell everyone what other businesses are actually experiencing that are now at the stage where they’re dealing with government restrictions, either in China, or even in Seattle Washington, and what the reality of the challenges faced by businesses in communities where the corona outbreak is magnifying and spreading.

GS: Sure, the big one everybody is surely aware of was China and some of the things they did, in what people were calling “draconian measures”, which is essentially the quarantine that they set up. They literally lock down roughly about 56 million people and it got to the point where it was from the household where you were staying. They would allow one person to go out and buy whatever food you needed for the day. If that person didn’t have a mask on they were sent back, so no food, so that’d be a big impact. The employers for those employees who are now locked in on a quarantine basis set with empty factories and at about two weeks into that a lot of these employers were saying, “I can’t pay my people because my factory is not operating and I’m about to go out of business”. So, the impact is big in that regard. Just recently in France, the Louvre closed, and it’s closed now indefinitely as of this morning in response to a protect the potential of coronavirus expanding. Italy, there’s closing schools in Italy, they closed schools in China, also in South Korea. They’re doing similar things what we’re faced with here in the States is a very similar situation that is yet to unfold in its dramatic effect. But if we start to see the Coronavirus expand in the States, plan on seeing things like school closures plan on seeing things that are not going to be available on the shelf because the grocery stores are going to be emptied.

LN: That introduces a whole other element of risk, because for those parents of kids that have to be home many of those parents are only going to be able to work from home if they have a job that allows them to telecommute, and there’s, you were talking to me earlier about some of the unique challenges that have happened when executives take work computers home and they’re remoting in, and the one example I remember you saying was that with kids home alone and they have time on their hands, they’ve sometimes gotten into their parents’ computers and if those computers aren’t secure and they go to a game site, and they get hit by malware, the corporate network could be taken out.

GS: Yeah and it’s happened we’ve had it with the clients in different parts of the world where the company organization said it’s a great idea. We’ll set up a mini situation where you can work independently from home here’s a secure computer and over a course of time not much is happening and so, the secure computer becomes something of well we don’t let the kids play games on it and nothing’s going on so I’m not too worried, not realizing the potential exposure that they’ve put themselves in from a vulnerability standpoint. One of the key things, and I think this is a point that we need to emphasize, is that the criminal element people who want to do bad things has really taken advantage of the Coronavirus situation in a lot of different ways. By actually being able to interject malware in posing as a legitimate information site so here you want information on the Coronavirus, I’m here, and the next thing you know you’ve got malware downloaded into your system. So huge impact areas and in that regard.

LN: Yeah, I think that the whole notion of planning and thinking through how your business would respond if your employees weren’t able to come to the office is something that every organization should be doing now because it certainly is it’s not a question of if the virus will spread, it’s a question of you know how quickly and how large of an impact. We don’t fully know what is going to happen in every community with the weather, whether there will be better treatments available or not but we do know that it’s a risk and it makes sense to prepare for not having to have your workers come into your office, and how would you respond to that?

 GS: If you think about it in this context to leader there’s some real issues that you need to really begin to assess it all in a lot of detail. So, from a risk assessment standpoint, one obviously you want to look at how do I build contingency plans for us to work remotely whether it’s you working at your home or at a remote location that the company hires to have you know staffed. That’s great if you’re in the Information and Technology business or you’re in the financial sector you’re in a nonindustrial sector, how do you close down a steel mill and tell your employees we’ll go to this other place and work because there’s not the same facility. Here’s the real interesting thing that it but I think it’s a critical point and this is where we begin to start to realize risk management needs to begin to look at some things differently. One, you’ve got a facility it goes into lock down because of quarantine, no employees there. What’s your vulnerability for that facilities now sitting vacant. You have people maybe who want to break in? You still got your computers and other systems there that I would assume can still be hacked into in some way shape or form and you’ve got a lot of potential sensitive information.

LN: And physical security becomes important in that case definitely.

GS: But how you do that if you’re under quarantine and you can’t bring in physical security per se.

LN: There’s a whole issue if you have in our next segment, we’ll talk a little bit more about what businesses should be doing now to be cyber ready for having employees where they can work remotely. We’ll talk about some of the strategies that you can take now to help maximize your readiness for such a circumstance where you have to either reduce your workforce and create space, or have people work completely remote. So, thanks for being back on the show.

GS: Thank you Lee, I enjoyed it.

To View Part 1 of the Coronavirus

Other Related Articles

Official Website of Homeland Security and their Business Continuity Plan

https://www.ready.gov/business-continuity-plan