Security and Converged Workspaces

Mark Arnold

The Forcibly Converged Network

The convergence of home and corporate networks continues unabated. Converged workspaces are here to stay for the foreseeable future. Most converged networks that we assess are flat, like many corporate networks. However, the comparisons abruptly end there. Unlike corporate networks, converged networks lack common controls and typically lack monitoring of internal and wireless access. Similarly, firewalls in the home “office” are often limited to simple packet filters and are not well implemented beyond default configurations. More than anything, converged networks do not fare well when it comes to the security of non-corporate assets on adjacent networks.

One Hop Away from the Corporate Network

Since the onset of the pandemic, non-corporate assets have continued to pose risks to adjacent corporate networks. Consumer connected devices, thermostats, home assistants, and printers are often unmanaged. Adding virtual schooling to the mix has only increased the odds of corporate compromise. Attacks on remote learners could be leveraged to compromise accessible corporate-provisioned devices – one hop away. A recent spate of reported ransomware incidents impacting the start of school, and the increased malice of these attacks, are telltale signs of impending corporate breaches.

The Converged Network Threat Model

If they haven’t already, security stakeholders should expand their organizations’ threat models in response to the converged networks on which their employees work. Widely known attacks against home routers and IoT place converged networks, and ultimately corporate assets, in jeopardy. CISOs and CIOs should be actively considering the risks posed by a shared workspace that extends the corporate domain. Corporations are sure to encounter many inherent weaknesses in converged networks, like malware (i.e., 3.5x more likely) and service and remote management exposure.

What Can Go Wrong?

In a real-world example from a recent engagement, we stumbled upon an asset management risk that warranted attention. The firm stood up infrastructure to commission images for its workforce at the outset of the pandemic. Those machines were never provisioned, and the infrastructure was never decommissioned. Moreover, a scan of that network revealed the existence of the vulnerability. Stories like these confirm the need to reassess all access and assets. All threat models must be thoroughly fleshed out and refreshed.

Another example is detailed in Anton’s most recent post, which outlines one possible attack scenario given this new shifting perimeter and provides some defense guidance around these Tactics, Tools, and Procedures (TTPs).

Shifting Policy

Many organizations and businesses are reassessing their risk management practices, policies, and procedures in light of these converged workspaces. This new inflection point mandates a refresh of corporate security and awareness programs. As a result, businesses can minimize the impact on corporate assets and the compromise of data. Further, new guidelines should require controls like segmentation to limit the attacker’s reach after a compromise on the adjacent network. Visibility, to whatever degree possible, is equally important, as converged networks are effectively blind spots. Ultimately, data protection policy should be top of mind. Leaders are already rethinking their positions on data privacy with remote workers potentially processing data remotely. Lax data protection controls during the pandemic have led to widespread compromises, and industry leaders have taken notice.

What Else Can We Do?

The Forcibly Converged Network has its challenges. Every organization’s architecture is different; every home network and the devices communicating with the Internet are unique. Similarly, parental or guardian oversight of Internet usage varies per beliefs and household rules. Hence, updating security program documentation, adjusting threat models, and implementing monitoring technical controls (where possible) should be of paramount concern for all organizations to help limit potential threats.

As this problem is likely not one that can be completely addressed by a single blog post, we decided to hold a roundtable discussion on Wednesday, October 14th, 2020, at 12 pm ET with several Lares employees to bring their own unique parenting, security, and anecdotal perspectives to this problem.

Sign up for the free webinar here: https://attendee.gotowebinar.com/register/775648688884026384

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus
