Reopening Offices Reveal Cybersecurity Gaps and Risks

Offices are beginning to reopen, many to full capacity, but moving as fast as most organizations want is opening significant IT related risks.

As the CDC continues to loosen up societal restrictions on the public, company office spaces have come back to life.  Getting “back to normal” is in full swing and IT departments are feeling the pain.

 

Out-dated on-premise technology and office devices

First, we have the challenge of applying general maintenance and updates to idle technology that has been sitting, untouched, for over a year in the office.  Ignoring this undertaking will lead to systems with known vulnerabilities being active on your network.

 

 

Increased admin access permissions when working remote or from homeNext, we have the pesky issue of all the hardware that did leave the office and is now returning.  For many IT departments, employees were either given admin rights and generally unprotected for the last year or are returning to the domain with a need for a month’s worth of updates.  Either way, systems operating in your business have been on residential networks that are generally perceived as being far less secure.  In addition, most enterprise monitoring tools don’t have visibility to the endpoint when off the network.

 

Employee devices and workstations infected with viruses and hidden threatsLastly, it wouldn’t take a psychic to see what the hackers are going to take advantage of.  When everyone went remote, they attacked remote connections.  When school restarted, they attacked ISDs.  When SolarWinds was hacked, they sat quietly in other networks for nine months.  Now, we should expect that some employees are going to walk back into the office with an infected laptop.

 

Moral of the story? Anticipating security threats and vulnerabilities, and putting in place policies and protections that both minimize disruption and risks, is crucial to pivoting quickly—no matter the situation. Advocate to your management and leadership an ideology that every business needs four things to stay safe from inevitable threats:

  1. A clean copy of data (data protection with verified backups)
  2. Proactive threat hunters (24x7 SOCaaS)
  3. Visibility into security gaps (security scanning)
  4. Cyber insurance policy

Remember, the threat landscape is always evolving and shifting. Tactics that IT teams once accounted for are now child's play to bad actors. The gauge of adequate cybersecurity protection is ever-changing. Make sure you have all the technology pieces in place and accounted for. 

Originally published on May 17, 2021

Be a thought leader and share:

Subscribe to Our Blog

About the Author

Cybersecurity and Compliance Cybersecurity and Compliance

Organizations entrust Centre with protecting their technology ecosystem and strengthening their security posture. Centre’s cybersecurity and compliance solutions delivers layered IT security to protect businesses’ employees, customers, and content from known and unknown threats. Through employee awareness training, detailed security assessments, and 24x7 threat containment, Centre is a trusted partner for businesses seeking comprehensive network and data protection. Learn more about Cybersecurity and Compliance »

Follow on LinkedIn »