The COVID-19 pandemic created an increased need for remote working, not only for the system administrators, but also for the vast majority of the employees. Several technological solutions were extensively employed, one of which being the Virtual Private Network (VPN). This allowed employees to securely connect to their organisation’s internal network and carry out their work. However, despite the fact that the connection to their organisation’s systems was secure, several of them were using their personal computers at home, the configuration of which significantly diverged from the organisation’s security policy (antivirus protection, system updates, access control to files, etc.). Hence, their personal computers were potential “Trojan horses” through which malware or unauthorised users could obtain access to resources within the internal network. What is more, there were cases where, once remote users securely connected to the internal systems, they could access more resources than they should have been able to, due to inadequate or flawed access control.
Companies that managed to face this problem almost effortlessly were the ones that already had a significant portion of their employees working remotely (either partially of fully) during their normal operation. The said employees were therefore already in possession of appropriate equipment bearing the necessary security configurations and were able to carry out their daily work in almost the same way they were used to.
The COVID-19 pandemic was a rather unexpected event, yet it had an immediate and strong impact on our everyday lives. Contingency and business continuation plans were in place nevertheless, they usually contained no provision for something of this type and of this scale. That said, useful lessons can be learned that will help us to be better prepared for similar situations and preserve a high cybersecurity level.
Alexandros Papanikolaou
InnoSec, Greece