Like most things, working from home has pros and cons. Employees might get to sleep a little longer or get back hours of their commute time. But they also face new security threats that lurk inconspicuously in their home IT environments.
Dr. Tommy Gardner, Chief Technology Officer at HP Federal, said endpoint security is the problem he is most concerned about in the work-from-home environment. “I’m most worried that your home network, which is the internet connections you have, the router and your endpoints, are not going to be at the same protective cybersecurity level as what you would have in government, in a well-protected, well-diagnosed network environment for the agency.”
The recent pandemic has revealed how essential digital transformation is and agencies have begun to accelerate the process of modernizing IT. We spoke with Dr. Gardner to learn more about how agencies can modernize and strengthen their IT environments, when employees are working from new and remote locations.
Think in Terms of Risk
Exponentially larger percentages of government employees are using virtual private networks, or VPN, to stay secure. These fall short of securing employees’ endpoints, such as laptops or mobile devices, which remain vulnerable.
Consequently, agencies need to take a risk-based mindset more than before. They have to acknowledge that with more endpoints, there are new risks, and bad actors will take advantage of this.
“You have to believe that the advanced, persistent threat, or the enemy out there on the dark web attacking networks every day, is going to focus on attacking employees in their home environment,” Gardner said.
Think About Endpoint Management
To tackle the new threats in the home environment, endpoint management is key.
“Remotely managing endpoints is a capability you would want as a chief information security officer or chief information officer in an agency. You want to be able to have insight into what’s going on in your machines. Do they have the right updates? Can we push the right updates to them? Do we have the right protection?” Gardner said.
Many agencies are migrating their data management to the cloud. But especially when employees are working from remote locations, there can be numerous endpoints accessing the cloud on systems that are not secure. So, in order to really elevate endpoint protection, agencies need to consider the security of the devices themselves.
Think About Printers as the Weakest Link
Printers are one kind of endpoint that can introduce a host of security risks in the home environment.
The printer, often an insecure endpoint, becomes the inconspicuous entryway for hackers to break into a network and access high-level, confidential information. Few printers were designed for top-level cyber protections.
“Agencies’ cybersecurity is only as strong as the weakest chain in the network,” Gardner said. That’s why printers that come with built-in security can offer more layers of protection. By having embedded security at endpoint machines, agencies can strengthen their line of cyber defense.
HP PCs and printers come with built-in security solutions that protect from firmware attacks, malware, phishing and other threats that have only grown more common during the global pandemic.
“At HP, we design our printers with the same philosophy and architecture that we design in our personal systems, workstations and laptops, which is world class cybersecurity,” Gardner said.
This article is an excerpt from GovLoop’s recent report, “The Connected Employee: Ensuring the Security and Resilience of Government Operations.” Download the full report here.