Share this
Cybersecurity in Shared Co-Working Offices
by Frank Ahan on Jan 10, 2023 12:00:00 AM
Coworking offices have been growing in popularity, making news headlines, and getting featured in TV shows, even before the pandemic. However the pandemic, and the post-pandemic fallout, has really been an impetus for businesses of all sizes to adopt the use of coworking offices. From five- to ten-year locked-in leases with static square footage, to no-commitment short term leases from three months to 2 years—the coworking option has made the most sense for many businesses.
Challenges of Co-working
A new set of cybersecurity risks and challenges were introduced by organizations moving from a traditional single-company office to a shared office.
In a shared coworking space organizations are sharing with up to a hundred different companies. They are often sharing the same spaces, networks, and devices.
On top of that, to provide a modern clean and welcoming aesthetic many of the spaces are designed with lots of glass and openings to allow for natural light to pass through.
Coworking Risks (and Recommendations)
Physical Security of Shared Offices
Being that the coworking operators control the physical access to the offices, organizations using the space have little-to-no control over it.
There may be people in the offices who were not fully vetted: A guest for the day, a vendor, or even a malicious actor waiting to seize an opportunity to either grab devices or access unguarded ones and launch a threat via USB device.
When looking for a coworking office, determine if the building itself has a good access policy, such as front desk guards and keycard access to the floors on elevators.
Once in the shared offices, make it a policy to issue keys or cards to each employee and keep the offices that the organization uses locked at all times. If the operator allows, it is recommended to frost the glass of offices to prevent screens from being seen from the outside.
Network Security in Coworking Spaces
Internet and Network services provided by coworking operators vary—from just an ISP hook up, all the way to a personalized VLAN and Vanity SSIDs.
Many offices provide free wireless internet with a single password shared by everyone. This perk is actually a huge risk for an organization using coworking offices. Again, having non-vetted users or devices on the same network as the organization’s can lead to many vulnerabilities and risks. Packet sniffing, eavesdropping, network vulnerability scans, and brute force attacks on workstations are a few ways shared wired and wireless networks can expose the organization to unnecessary risks.
When selecting a coworking operator, an organization should check the different network and internet offerings. A segregated VLAN, wireless network that offers 802.1x protocols, and dedicated bandwidth are things that should be sought out when engaging a coworking office. On top of that, a mix use of firewall, VPN, and DNS service is incredibly important in a coworking environment.
Employee Device Security
Devices are at a huge risk in a shared office environment.
Employee device security should always be a top priority, but even more so when coworking offices are used. Common security threats include devices being stolen from common work areas, USB dongles attached to a device and payloads executed when an employee leaves their desk unattended, or even a stranger brazenly sitting down on a random device and installing a remote access application.
Device policies should be enforced, such as: Never leave a device unattended in a common open workspace, and devices should be password protected with auto screensavers that come up after a short interval of inactivity.
Employees should also be trained to keep an eye out for shoulder surfing, and be sure to keep monitor screens facing away from the hallways. Only approved wireless networks should be used by employees—never the public ones offered.
If common printers are offered, it is also recommended to not allow any confidential information to be printed at these devices. Instead, invest in a printer that can be used within the organization’s sole physical control.
Adapting to the World of Co-working
As IT and Cybersecurity professionals, we need to be able to adjust and adapt according to business needs. With many organizations moving daily operations to coworking and shared offices, it is up to us to make sure networks and devices are secure.
These environments offer many new challenges and risks, but there are solutions and best practices for that—all that needs to be done is to implement them.
Share this
Categories
- Featured (261)
- Protective DNS (21)
- IT (15)
- IndyCar (9)
- Content Filtering (7)
- Cybersecurity Brief (7)
- IT Challenges (7)
- Public Wi-Fi (7)
- AI (6)
- Deep Dive (6)
- Roaming Client (4)
- Team (4)
- Compare (3)
- Malware (3)
- Tech (3)
- Anycast (2)
- Events (2)
- MSP (2)
- Machine Learning (2)
- Phishing (2)
- Ransomware (2)
- Tech Stack (2)
- Secure Web Gateway (1)
As demand grows for constant connectivity to the digital world, offering free Wi-Fi has become as essential for restaurants and retail stores as providing quality products and exceptional service. Customers increasingly expect to stay connected wherever they go, and the availability of Wi-Fi in restaurants, shopping malls, and retail outlets significantly influences their choice of where to dine and shop. For businesses, providing in-store Wi-Fi ...
"Green IT" isn't just a buzzword; it's a transformative approach reshaping how we manage technology. As IT professionals, embracing Green IT means integrating sustainability into every facet of technology management. This isn't merely about being eco-friendly; it's about crafting IT environments that are both cost-efficient and future-proof.
Roblox, one of the world’s largest online platforms for children, has recently been making headlines—and not for the right reasons. While it's a playground for millions of kids, it's also become a target for online predators. A recentBloomberg article revealed disturbing details about predators exploiting Roblox’s ecosystem, raising urgent concerns about the platform’s safety.