Remote workers on the front line: access to sensitive data and its security implications


Remote workers needing access to sensitive data and their security implications

Following the overwhelming success of IDM Europe and ECS UK, we were delighted once again with the outcome of our Government IT Security virtual conference, which was held on the 23rd of September. During this event, delegates were enlightened by our guest speakers who highlighted industry best practice and gave an inside scoop on next generation of IS and Cyber Policies.

Keep reading to be enlightened by one of our standout speakers.

Mobile threat landscape

Adam Gwinnet, Head of strategy, Enterprise Architecture and cybersecurity, Metropolitan Police

Due to the implications of the COVID19 pandemic, there has been significant growth in demand for remote access to services which were traditionally on-prem. As a result, and as suggested by Adam, he and his colleagues have had to dedicate more time to facilitating this new normal. Amongst the many concerns raised by Adam, he addressed what mobile threat can mean for a workplace, what we need to do from a cooperative point of view, as well as what we are looking for in terms of helping people learn how to protect themselves?

A huge rise has been seen in terms of smartphone users; statistics show that there has been a near a 50% increase in such threats. A significant proportion of users have gone from a desktop point of view to where mobile is now their primary access point and an integral part of their daily routine, with desktop and more traditional software only being utilised if they cannot get the full richness of the services they need on their mobile devices. One of the key trends is that, as the user behaviour and technology landscape has shifted, so too has the number of tools that have become available and which allow for the installation of malicious software on devices which do not require user action to initiate. In addition, there are no visible updates that there is a new software being installed, which means that users would be completely oblivious and would not necessarily be able to take any action once it is installed.

In terms of threats

In the last 12-18 months, one interesting factor we have seen is that in both android and IOS markets we have seen the reintroduction of critical security vulnerabilities that had previously been patched. The Anubis malware targeted financial services apps on mobile devices in which the user’s actions and data were captured and recorded. Phishing links are increasingly being distributed via messaging apps and SMA, where people typically have less security and where basic tricks like ‘mouse over’ are less effective.

How can we prevent this?

  • Map increasing MPS usage of smart devices
  • From 7000 in 2019 to 25000 today
  • Swapping our existing EDR solution on mobile and laptop to having an equivalent ATP agent across both
  • Introducing a cloud-based proxy for browsing and app traffic to allow elements of ‘local breakout’ from the devices
  • Thorough risk assessment/investigation of applications prior to adoption – evaluation tools to accelerate/automate aspects of this

How you can prevent this

If you offer corporate handsets you should review your device protection to see if it is enterprise-grade and check that it covers SMS and browsing. In addition, you should integrate the outputs from your EDR into your SIEM (if it is not already). However, if you offer BYOD you should consider licensing an EDR solution for your employees to use on their own devices and offer direct user awareness training on mobile threats. Furthermore, a secure container for work applications.

Remember GOVSEC UK will remain open till the 14th of October 2020, so please check it out if you have not already by clicking the link below.

We hope to see you all again next year at GOVSEC UK, 18th May 2021

GOVSEC May 2021 at a glance