What are the risks lurking in computers, networks, offices and buildings abandoned by a pandemic? IT security officers had their hands full in the pandemic to securely connect the home office. But there are also risks in abandoned offices or workstation computers that have not been started up for a long time.
At the beginning of the pandemic, many employees fled to the home office - and have stayed there to this day. They left IT systems and networks in the office next to their desk. The unused buildings cost money and are a real risk. Was it possible for someone to break open a lock during the pandemic, enter and join the company network unnoticed? Steal computers and other equipment? Read employees' passwords on post-its and in notebooks next to their computers?
Abandoned PCs are a security risk
What other dangers are there? So what should security professionals do about it now? In general, there are two categories of possible vulnerabilities that should be considered when devices are switched off for a long time. First, problems caused by unauthorized access to the orphaned offices. Second, problems that arise from the fact that no one may have managed, patched, or supervised devices for an extended period of time.
Closing doors: Risk of physical access to IT infrastructure
The IT of every company should be secured to a certain extent against physical access by unauthorized persons. It is not without reason that the doors of the data center are locked to unauthorized persons. Especially in organizations that manage very sensitive data - authorities, military or pharmaceutical companies - the physical access control is generally much stricter than in the rest of the industry.
However, more customary commercial companies do not necessarily see protection against unauthorized access to internal networks as part of their IT defense. They tend to pass this task on to building security, which secures access with video cameras and access control and is more likely to protect against theft or vandalism. However, due to the rooms abandoned by the pandemic, organizations should include the increased risk of physical break-in in their security strategy. Because a stolen computer and its access data can provide access to company networks. A company's IT can also integrate cloud-based video surveillance into an overall security concept.
In the case of stolen devices that may have disappeared unnoticed over a long period of time, it can be extremely difficult for security teams if logging logs and information from recorded videos or other important data from analysis systems are no longer available after a while.
Analyze the use of IT in the office during the pandemic
Installed malware or eavesdropping systems pose a further risk of unauthorized access in the absence of the workforce. Undertaking in the pandemic without proper security measures should consider a basic, aggressive security revision before they can use the premises and hardware again.
For most other establishments, a plan to safely reopen the rooms should be sufficient. A physical audit of the devices is recommended. It is just as important - if possible - to check who had access to the premises in the past year. Since offices were empty or sparsely occupied during the pandemic, platforms for security analysis do not find it difficult to locate and investigate any work on the computer and with the company IT from the office during this period.
Devices that have been switched off for a year are a safety risk
Much bigger problems arise when IT resources have been idle for an extended period of time. Administrators cannot remotely manage devices that are switched off and not connected to the network. When users reconnect the systems, they are therefore much more at risk. Critical recent patches or current security software versions are not available. Expired domain credentials and system clocks that are no longer synchronized make devices vulnerable to malware or targeted attacks.
Plan to restart the devices before employees come back
IT managers should therefore plan for the restart before the employees come back to the office. In doing so, they should start each system, update it in a secure environment, and test it before handing it over to the users.
IT devices that have been idle for a long time also tend to fail. When restarting, those responsible should plan for the failure rate of components to be much higher than normal, take additional support requirements into account and have replacement devices ready. Without such precautionary measures, additional security risks may arise because employees are expected to return to the office prematurely but without protected systems.
The restart after the pandemic needs to be done in advance
Even if the pandemic is over at some point and employees return to the office: It leaves its mark. Companies and organizations whose workforce comes back to the office after a long period of time in the home office should plan this return well in advance. Because the abandoned buildings could have invited criminals to gain access to the networks. And if this worst case scenario does not occur, systems that have not been used for a year are in themselves a serious security risk that IT can minimize through a planned restart.
More at Bitdefender.com
About Bitdefender Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de
Matching articles on the topic