Three Ugly Work From Home Wi-Fi Security Realities

Part 2/3 of our series on Securing Work from Home Initiatives

Public Wi-Fi networks have long been known to increase the cyber risk for organizations. With companies worldwide being forced to adopt more flexible working policies, many experts agree that security teams aren’t ready for this spike in employees working on their home networks.

The Wi-Fi in an employee’s home is almost identical to a public Wi-Fi network. The primary difference is the number of devices connecting - a hotel or airport network may have hundreds or thousands of devices connected at any time, home networks typically have a dozen or so. 

However, this doesn’t eliminate the likelihood of attack. In fact, attacks on employees working from home are likely to increase as threat actors adjust their tactics to this new reality. Given this, IT Security teams should be aware of the following when supporting work from home initiatives:

1. The on-premise enterprise security stack can’t protect devices working from home

Employees working from home don’t have the same firewalls, network-based intrusion detection systems, and other defenses they have in the office. Organizations therefore have no visibility into the network traffic that exists on a home Wi-Fi network and cannot trust these networks.

2. Family internet usage increases attack surface and risks

No one is immune to targeted phishing campaigns, and malicious links. Adults are more educated about the risks, but they still fall victim to the appealing malicious email. Software-based solutions are good at blocking the execution of most malicious links, documents, and emails, but this is only when they’re installed on company-issued devices. 

Unmanaged devices in the hands of children, teens and adults alike are the real problem. Tablets, cellphones, home IoT devices, and gaming consoles increase the attack surface and the risk. Kids don’t understand the risks of spam and don’t know how to spot the difference between real or fake apps. Gamers are often downloading executable code and teens are browsing some of the riskiest sites on the internet. Once a piece of malware is on the home Wi-Fi network, the odds are high that all devices become infected.

3. Devices are still exposed and vulnerable even when on a home Wi-Fi network.

Organizations may have mandated employees use a VPN when working from home. However, VPNs only encrypt data in transit and don’t isolate the device from the Wi-Fi. Once an attacker or malware gets into a device, they often go undetected. They will seize or manipulate data with the ultimate goal of moving from a single remote device into the big prize: the company network of servers. If the employee is using a VPN and becomes infected, the attacker can then pivot through the VPN, jumping into the datacenter.

Conclusion

So while home Wi-Fi may initially seem lower risk than public Wi-Fi, given the above factors and the growing dependence on working from home, security teams need to improve their work from home security posture. 

Stay tuned for our final post of the series released on March 31 of how Byos helps better extend enterprise security protections to devices connected to Home Wi-Fi.