This post is also available in: עברית (Hebrew)
With the global efforts to block the spread of the Coronavirus, people are working from home at an unprecedented scale. Alongside challenges of network capacity, questions are raised regarding the cybersecurity of the tools many employees use to connect to vital workplace systems and data.
This is especially challenging when it comes to employees at critical infrastructure, intelligence agencies, defense industries, and anywhere else with high-security networks. In some cases, working from home isn’t an option at all.
Attend i-HLS’ InnoTech Expo in Tel Aviv – Israel’s largest innovation, HLS, and cyber technologies expo – on November 18-19, 2020
Companies with especially sensitive data or operations often limit remote connections, segment networks to limit a hacker’s access if they do get in, and sometimes even disconnect their most important machines from the internet.
The US government’s Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory to critical infrastructure companies to prepare for remote work scenarios as Covid-19 spreads. That means checking that their virtual private networks are patched, implementing multi-factor authentication, and testing out remote access scenarios.
According to wired.com, for many industrial networks, the highest standard of security is an “air gap,” a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks. A physical disconnect between the inner sanctum of software connected to physical equipment and the less sensitive, internet-connected IT systems. But very few private-sector firms, with the exception of highly regulated nuclear power utilities, have implemented actual air gaps.
For the most critical of critical infrastructure, like power plants and oil refineries, remote work isn’t just leading to technical snafus. It’s often impossible for many staffers, says Chris Sistrunk, a security consultant for FireEye. “There’s no way to fully remotely run some of those plants,” Sistrunk says. “You don’t work from home. Essential engineers and operators will always be there 24/7.”
Interested in learning more about cybersecurity and critical infrastructure? Attend i-HLS’ InnoTech Expo in Tel Aviv – Israel’s largest innovation, HLS, and cyber technologies expo – on November 18-19, 2020 at Expo Tel Aviv, Pavilion 2.