Securing Personal Computers at Home


March 19, 2020

The global spread of the coronavirus has rapidly changed where and how many workers are doing their jobs. Employees are now working from home more than ever before. Most companies didn’t plan for an almost complete work from home workforce. One of the initial questions that any organization will ask is do we have enough laptops for all employees or do we need to allow employees to connect to the network from home with their personal computers.

In the past few years, you have probably seen a lot of webinars or product demos that told you as part of the sales pitch that the network perimeter was disappearing. To secure the new network you needed to buy their solution. That overhyped marketing prediction has actually become reality in the last couple of weeks.

Corporations’ networks are being extending to employees’ home and anywhere else they plan to work from remotely. And by extension so is their data security requirements. Even if employees’ personal computers do not directly connect to the network when using remote access solutions such as VMware or Citrix, the PCs still need to be secured. Home PCs rarely have the same level of security as corporate computers. They often have weak or non-existence passwords and anti-virus software. The home computers might not be updated with security patches and many may have Windows 7, or even older operating systems. All these possibilities make them vulnerable to the bad guys. These vulnerabilities allow the bad guys to take control over the PCs allowing them to install keyloggers to capture corporate login credentials or exfiltrate data that employees have copied to their home computers.

To secure your organization’s new network perimeter, consider extending your cloud-based corporate cybersecurity solutions out to your employees’ personal computers. The installed agents communicate with the cloud solution not the corporate data center so an IPSec or SSL VPN solution is not needed. A cloud solution allows you to see and secure devices remotely regardless if they are a corporate device or not. Many solutions can tell you where that device is in the world and if it is compliant with patching and other requirements. You can contain devices and even remediate those that have been compromised. Some solutions give you the capability to securely disable a device that has been lost or stolen. A cybersecurity cloud solution is beneficial for corporate devices as well. It may be weeks before they come back to the office.

If your organization does not have a cloud-based endpoint solution, we have multiple recommendations to see, secure and control computers wherever they are in the world and regardless if they are connected to the network or not. Castle Ventures exists to help our customers. Contact me at ghedge@castleventures.com to discuss how we can help you maintain a secure network wherever its new perimeter might reach.