
Cybersecurity tactics for small teams – Network Security – part 1

Please check the previous part – here.

Now that we have finished our two pieces on physical cybersecurity, in this part and the next one we shall discuss how to defend your computer network. For a long time, I wondered whether to start with computer and mobile phone security or with the network security perimeter. In the end, I decided to follow the standard technical approach a computer hacker will use to penetrate your defenses – intelligence recon, network penetration, and finally, device exploits. In social engineering, the hacker will skip network penetration and directly exploit your devices.

So network security, here we go. 

Computer network protocols were not designed with security and privacy in mind. After decades of cybercrimes and research on how to stop them, we finally have a solution for these problems. The zero-trust security model is almost 12 years old, with Google using it since 2009. However, despite the good news, the model has so far been used mainly in big corporations. I firmly believe that small organizations and teams can use this model or parts of it.

But what is the idea of this approach? It is not something new – you have to understand that you cannot trust any data in transit, including data from your own smartphone or laptop apps. Zero trust dictates that the whole network or application path between your application and the server could be malicious, including all the hardware devices along this path – network routers, switches, servers, laptops, and smartphones.

Still, despite the zero-trust paradigm, I think that people must make sure that the hardware devices under their control are as secure and patched as possible. I advocate this approach because the more layers of security you have, the harder it will be for an attacker to penetrate you. In short, zero trust does not invalidate other security practices. It just adds new tools to your defensive cybersecurity toolset.

So let’s start with the different network devices and their attack vectors:

Routers

So what is a router? By the standard definition, a router is a hardware device that connects different computer networks and forwards packets between them. In the case of your home or office router, these are your home/office network and the Internet. Every network packet going to or from the Internet passes through this router.

In terms of network security, routers are your first line of protection against network penetration attempts. Or, in simple words, they are your gateway to cyberspace. Additionally, they offer a range of protective services, such as firewalls, intrusion detection systems, NAT, a Syslog server, and many more.

It is essential to treat your router as a highly specialized computer system. As a computer system, it inherits some of the security problems your personal computer has. Let me list the different attack vectors, which an attacker can use to penetrate your router.

On the diagram, you can see a standard small office deployment. Both of the firewalls are connected in CARP mode, and they become a virtual router. Usually, every firewall is deployed on a standalone hardware device.

  • Misconfiguration: Sometimes, routers do not come with the best configuration in terms of cybersecurity. For example, enabled remote access functionality can be pretty helpful for system administrators, but at the same time, it exposes your router to attackers.
  • Outdated software: Usually, home routers run quite obsolete software. It is rare for a home user to upgrade the software version of their router. Unfortunately, this leads to systems without proper security patches and gives attackers an excellent opportunity to hack the router.
  • Exposed services: Most modern routers support additional services such as VPN and IPSec servers. It is essential to understand that every exposed service can be an attack vector for an attacker. In the case of VPN, this is usually not true, but there are exceptions.
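
To make the misconfiguration and exposed-services points concrete, here is a small audit you can run from inside your own network against your own router. It is an added example, not part of the original post; the port-to-service table, the `allowed` list, and the gateway address `192.168.1.1` are assumptions to adjust for your device.

```python
import socket

# Assumed table of TCP ports that small-office routers commonly use for
# management access; extend it with whatever your model's manual lists.
MGMT_PORTS = {22: "ssh", 23: "telnet", 80: "http-admin",
              443: "https-admin", 8080: "http-alt"}

# Management services that carry credentials in cleartext.
CLEARTEXT = {"telnet", "http-admin", "http-alt"}


def probe(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable, or timed out
        return False


def audit_router(host, ports=MGMT_PORTS, allowed=frozenset(), timeout=1.0):
    """Probe each port and classify every service that answers.

    Cleartext services are always flagged; anything else must appear in
    `allowed` (the services you intentionally enabled) to pass.
    """
    findings = []
    for port, service in sorted(ports.items()):
        if not probe(host, port, timeout):
            continue  # closed or filtered: nothing exposed here
        if service in CLEARTEXT:
            verdict = "disable: cleartext management"
        elif service in allowed:
            verdict = "expected"
        else:
            verdict = "review: not in allowed list"
        findings.append({"port": port, "service": service, "verdict": verdict})
    return findings


if __name__ == "__main__":
    import sys
    # Assumed default gateway address; pass your router's LAN IP instead.
    host = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"
    for f in audit_router(host, allowed={"https-admin"}):
        print(f"{host}:{f['port']:<5} {f['service']:<12} {f['verdict']}")
```

Running it again after each firmware upgrade or configuration change shows whether a service was silently re-enabled.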

Switches

Next in line is the network switch. By definition, a network switch is a network device, which connects different network devices into a local computer network by using packet switching to forward and receive data to the destination device. The network switch learns the identities of connected devices and then only delivers data to the port connected to the device to which it is addressed.

In other words, think about the router device as a controller of the local network and about the switch device as an intelligent extender of a local network segment. Still, every switch is a highly specialized computer system, and it inherits the cybersecurity problems other computer systems have. Let me list them.

Most modern companies use cloud providers for their services and do not waste their time deploying hardware. However, the bigger you become, the more hardware you have to set up because it becomes cheaper for you. In any case, the same cybersecurity principles apply both to your home office and to a multi-national corporation.

  • Network Flood: A malicious actor can try flooding the local network with packets and making it unresponsive. Usually, this happens with older switches. Most of the modern ones have protection in place.
  • VLAN sniffing: Most modern switches support network isolation by tagging the packets. This way, different computers in your local networks cannot listen to packets living in other virtual networks. Still, if the switch that tags the packets is compromised, the attacker can listen to all network packets.
  • Remote Access: Newer and more expensive network switches have an entire operating system built inside. It supports remote access features for system administrators and many more. Still, the more intelligent a device is, the bigger the attack surface it has.

Next part is – here.

Pros and Cons of Working at Home

Coronavirus isn’t going anywhere, and people had to adapt. Many employees have started working from home, and people get left to wonder: is this the new normal? Is working from home a dream or a nightmare? There are both pros and cons to it. Let’s examine them and begin with the positives. 

You cut out the time it takes you to get to your office. No commuting saves time usually wasted, which you can use to work or sleep in – both great perks. It also decreases transportation costs and saves you the stress that accompanies street traffic or being cramped in a tube or bus. 

It’s your own space, and you control it. You don’t have to endure loud coworkers chatting or music from noisy headphones; any noise you find distracting or uncomfortable, you can get rid of at once. Brighter, darker, hotter, colder: any adjustments that usually require a conversation with your fellow employees, you can make of your own accord. You won’t get judged every time you go on a break.

Flexibility is also a key benefit. Unless video calls are involved, you can roll out of bed and work from your pajamas if you feel like it. You have no dress code. Even if you get a call, you can always be business on top and party at the bottom.

A quick recap of the pros:

  • no commute
  • saves money
  • control
  • flexibility

Let’s go over the disadvantages next.

To keep up productivity at home, you must have self-discipline. If you have set working hours, you must abide by them. If you don’t, you must find the time needed to accomplish your work for the day. The couch may seem enticing, but it can wait until after you’ve done your job. The same applies to chores or other home-related tasks. Don’t get distracted. You may be at home, but you’re on the clock.

A significant contributor to poor working conditions is roommates. That includes flatmates of any kind – family, friends, all same-space occupants fit the bill. If they are unaccommodating to your working needs, you will suffer for it. 

It can be isolating and lonely to work from home. Whether you live alone or with people, you’ll find that you miss your coworkers. You’ll miss the banter, the opportunity to ask them a quick question and get a response. You can lose that connection when you’re all working from home. In that case, you should try to spend some time in communication with your coworkers.

It’s hard to separate work from home. Not many people have the luxury of designated office space to leave and close the door behind them when work hours end. You can lose the distinction between home and office, and that can lead to overworking yourself.

On the bottom side of the diagram, you can see the standard office deployment, and on the top, the standard remote/freelancer deployment. We have to defend the red lines. In the case of freelancers, you have more entry points to defend.

Working from home increases the risk of being a cybercrime victim. Most people do not have the proper training to build their cybersecurity defenses, leading to data breaches. So to properly defend yourself, an onboarding cybersecurity essentials course is a good start.

A quick recap of the cons:

  • self-discipline is mandatory
  • unaccommodating roommates
  • lonely
  • no work-home separation
  • more significant risk of being a cyber victim

You can argue for and against it, but ultimately, it comes down to every person’s preferences.